OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Tens of thousands of messages stuck in incoming?
From: Brad Knowles (blkskynet.be)
Date: Tue Apr 04 2000 - 10:11:55 CDT

Folks,

        I'm wondering if anyone has any ideas why we'd get outbound mail
relay servers that have tens of thousands of messages stuck in the
incoming directory, and not being processed by the rest of the system.

        Last night, I took our outbound mail servers and changed the
maximal_queue_backoff parameter to be slightly larger than 3600
seconds (from slightly more than 300 seconds), so that we'd wait a
longer period of time between retries on sites that had already been
retried recently.

        I was also trying to reduce the load average on the system and
the amount of swap space in use, so I reduced the
default_process_limit to 100.

        This morning, we had 15,000+ messages queued on the systems with
the mqueue filesystem completely full, and I can't quite figure out
why.

        Yes, the default_process_limit change would reduce the amount of
parallelism in the system, but increasing the maximal_queue_backoff
parameter should have meant that the system would have spent less
time beating its brains out against systems it had just recently
tried but aren't going to accept the connection this time either, and
it should hopefully have been a net wash.

        Now, I would have understood if it was a problem with disk space
and all the files got left in active/ and deferred/, but by far the
vast majority of them are still stuck in the incoming/ directory. I
need to get them moved out of the incoming/ directory and pushed
through the system, so that we can get these boxes back online.

        Anyway, I've put up a third outbound mail relay server now, and
in fact it is the only one being used in production. The other two
have been taken out and I'm trying to clean up their queues, so that
I can get them back into production.

        It would also help if there were limits on how many times a day
postfix would generate double-bounce error messages that result from
insufficient disk space, since they clutter up the queue and
contribute to the disk space problem.

2bounce_notice_recipient = postmaster
access_map_reject_code = 554
alias_database = dbm:/etc/aliases
alias_maps = dbm:/etc/aliases
allow_mail_to_commands = alias,forward
allow_mail_to_files = alias,forward
allow_min_user = no
allow_percent_hack = yes
allow_untrusted_routing = no
always_bcc =
append_at_myorigin = yes
append_dot_mydomain = yes
best_mx_transport =
biff = yes
bounce_notice_recipient = postmaster
bounce_size_limit = 50000
canonical_maps =
command_directory = /usr/sbin
command_expansion_filter =
1234567890!%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVW
XYZ
command_time_limit = 1000
daemon_directory = /usr/libexec/postfix
daemon_timeout = 18000
debug_peer_level = 10
debug_peer_list =
default_database_type = dbm
default_destination_concurrency_limit = 10
default_destination_recipient_limit = 50
default_privs = nobody
default_process_limit = 300
default_transport = smtp
defer_transports =
delay_notice_recipient = postmaster
delay_warning_time = 4
deliver_lock_attempts = 5
deliver_lock_delay = 1
disable_dns_lookups = no
disable_vrfy_command = no
dont_remove = 0
double_bounce_sender = double-bounce
duplicate_filter_limit = 1000
empty_address_recipient = MAILER-DAEMON
error_notice_recipient = postmaster
expand_owner_alias = no
fallback_relay =
fallback_transport =
fork_attempts = 5
fork_delay = 1
forward_expansion_filter =
1234567890!%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVW
XYZ
forward_path = $home/.forward${recipient_delimiter}${extension},$home/.forward
hash_queue_depth = 2
hash_queue_names = defer,deferred,incoming,active
header_checks = regexp:/etc/postfix/header.ck
header_size_limit = 102400
home_mailbox =
hopcount_limit = 50
ignore_mx_lookup_error = no
inet_interfaces = $myhostname, localhost
initial_destination_concurrency = 5
invalid_hostname_reject_code = 501
ipc_idle = 100
ipc_timeout = 3600
line_length_limit = 2048
local_command_shell =
local_destination_concurrency_limit = 2
local_destination_recipient_limit = $default_destination_recipient_limit
local_recipient_maps =
local_transport = local
luser_relay =
mail_name = Postfix
mail_owner = postfix
mail_spool_directory = /var/mail
mail_version = Postfix-19991231-pl02
mailbox_command =
mailbox_transport =
maps_rbl_domains = rbl.maps.vix.com, rss.maps.vix.com,
relays.orbs.org, dul.maps.vix.com
maps_rbl_reject_code = 554
masquerade_domains =
masquerade_exceptions =
max_idle = 100
max_use = 100
maximal_backoff_time = 307
maximal_queue_lifetime = 5
message_size_limit = 16777216
minimal_backoff_time = 67
mydestination = $myhostname, localhost.$mydomain
mydomain = skynet.be
myhostname = morpheus.skynet.be
mynetworks = $config_directory/mynetworks
myorigin = $mydomain
non_fqdn_reject_code = 504
notify_classes = resource,software
owner_request_special = yes
prepend_delivered_header = command, file, forward
process_id_directory = pid
program_directory = /usr/libexec/postfix
propagate_unmatched_extensions = canonical, virtual
qmgr_fudge_factor = 100
qmgr_message_active_limit = 1000
qmgr_message_recipient_limit = 1000
queue_directory = /mqueue
queue_minfree = 0
queue_run_delay = 61
recipient_canonical_maps =
recipient_delimiter =
reject_code = 554
relay_domains = $mydestination
relay_domains_reject_code = 554
relayhost =
relocated_maps =
sender_canonical_maps =
service_throttle_time = 60
smtp_connect_timeout = 0
smtp_data_done_timeout = 600
smtp_data_init_timeout = 120
smtp_data_xfer_timeout = 180
smtp_destination_concurrency_limit = $default_destination_concurrency_limit
smtp_destination_recipient_limit = $default_destination_recipient_limit
smtp_helo_timeout = 300
smtp_mail_timeout = 300
smtp_quit_timeout = 300
smtp_rcpt_timeout = 300
smtp_skip_4xx_greeting = no
smtp_skip_quit_response = yes
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_client_restrictions = dbm:/etc/postfix/access, reject_maps_rbl,
permit_mynetworks, reject_unknown_client
smtpd_delay_reject = yes
smtpd_error_sleep_time = 5
smtpd_etrn_restrictions =
smtpd_hard_error_limit = 100
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
smtpd_recipient_limit = 1000
smtpd_recipient_restrictions = regexp:/etc/postfix/regexp_access,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
permit_mynetworks, check_relay_domains
smtpd_restriction_classes =
smtpd_sender_restrictions = reject_non_fqdn_sender,
reject_unknown_sender_domain
smtpd_soft_error_limit = 10
smtpd_timeout = 300
soft_bounce = no
stale_lock_time = 500
strict_rfc821_envelopes = yes
sun_mailtool_compatibility = no
swap_bangpath = yes
transport_maps =
transport_retry_time = 60
trigger_timeout = 10
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
virtual_maps = 

--
   These are my opinions -- not to be taken as official Skynet policy
======================================================================
Brad Knowles, <blkskynet.be>                || Belgacom Skynet SA/NV
Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124
Phone/Fax: +32-2-706.13.11/12.49             || B-1140 Brussels
http://www.skynet.be                         || Belgium