[Mimedefang] Revisiting the bombardment of 451 Tempfailing errors
Justin Shore
listuser at numbnuts.net
Tue Jul 8 09:22:00 EDT 2003
On Tue, 8 Jul 2003, David F. Skoll wrote:
> On Mon, 7 Jul 2003, Justin Shore wrote:
>
> > Howdy all. I'm still having trouble with my server deciding to tempfail
> > everything after only a handful of minutes running. It has all but made
> > the mail system unusable.
>
> I'm completely stumped; I've never seen this behaviour before. I test
> MIMEDefang on a Sun Blade 100 which is much less powerful than your box,
> and it works fine.
>
> Are you running Solaris 9? Maybe it's a Solaris 8 problem? Any other
> Solaris users out there with helpful info?
Ah. Leave it to me to leave out something important again. :) This is a
Redhat 7.3 box with most everything that listens on a port compiled by
hand. I think you can still get Solaris for x86 but I'm not for certain.
:)
> > MX_SLAVE_DELAY=5
> This is too high. I would use 1 or 0.
I'll change this shortly.
> > MX_REQUESTS=50
> This is way too low. I suggest 500.
I'll change this too. IIRC the reason I set it lower was to hopefully get
MD to restart the child processes after only a few requests before they go
braindead. In the end I believe I determined that it was the parent
process that had the mental reservations.
> > Jul 7 21:14:59 bubba mimedefang[20616]: h682EmlQ020615: Unknown command
> > '%' in RESULTS file
>
> Could you have a partially-installed version of MIMEDefang, like a set
> of "C" programs from a different version than the Perl program? Are you
> linking against a recent libmilter.a?
I suppose that a possibility. I'm heading out of town again for the rest
of the week. When I get back I'll bring the mail system down, uninstall
MD and SA, recompile and reinstall both and see what happens. I'm
assuming the libmilter.a I'm using is 8.12.9's.
I just noticed one odd thing. I enabled named querylogging to make
absolutely certain that MD wasn't querying all the DNSBLs I added to SA
and then disabled. Everytime a MD slave starts up there A record queries
for two of three of hosts at cloudmark.com.
stress.cloudmark.com
a.razor.cloudmark.com
b.razor2.cloudmark.com
Also there is a query for kernel.org's MX. This happens each and
everytime a slave is spawned. If I haven't actually enabled SA's local
tests then why is razor being run? This is exactly what I have in my
mimedefang-filter
# Lets SA run its DNSBLs and Razor stuff, I think
#$SALocalTestsOnly = 0;
I commented out that line some time back while trying to diagnose this
problem. It seems to me like this _could_ be part of the problem. If SA
can't get an answer out of the razor2 server it queries, couldn't that
cause MD to wait indefinitely? Is there a way to set a timeout on that
query? Just shooting in the dark here but I thought I'd mention it. I'll
be checking my email while I'm out of town.
Thanks
Justin
More information about the MIMEDefang
mailing list