[Mimedefang] Re: Too Many Open Files (again?)

Matlock , Justin JMatlock at innotrac.com
Thu Jun 19 15:32:01 EDT 2003


Well, after seeing those, I did some digging, and found these additional
parameters:

confTO_HELO             Timeout.helo    [5m] The timeout waiting for a
response
                                        to a HELO or EHLO command.
confTO_MAIL             Timeout.mail    [10m] The timeout waiting for a
                                        response to the MAIL command.
confTO_RCPT             Timeout.rcpt    [1h] The timeout waiting for a
response
                                        to the RCPT command.
confTO_DATAINIT         Timeout.datainit
                                        [5m] The timeout waiting for a 354
                                        response from the DATA command.
confTO_DATABLOCK        Timeout.datablock
                                        [1h] The timeout waiting for a block
                                        during DATA phase.
confTO_DATAFINAL        Timeout.datafinal
                                        [1h] The timeout waiting for a
response
                                        to the final "." that terminates a
                                        message.

looks like TO_DATABLOCK would have solved our problems yesterday.

Amazing what I found when I just read the README files.. :)

Thanks again, everyone!


-----Original Message-----
From: Lucas Albers [mailto:admin at cs.montana.edu] 
Sent: Thursday, June 19, 2003 1:32 PM
To: mimedefang at lists.roaringpenguin.com
Subject: Re: [Mimedefang] Re: Too Many Open Files (again?)


I lowered the timeouts on my system, because of dirty slow evil smtp servers
that would just not close the connection, or resolve ip addresses. Before I
did this I usually had 10-20 open stalled connections at a time.

Has not caused ANY problems on ANY connections since I implemented it 6
months ago.

Sample sendmail entries:

dnl this has never caused problems on mail delivery, it just removes
troublesome dnl mailers (spammers that won't resolve ip or similar.)
define(`confTO_COMMAND',240s)dnl

dnl timeout on initial outgoing connection define(`TimoutIconnect=30s')dnl

dnl other items I have configured. define(`ConnectionRateThrottle',8')dnl
limit number of connections per second that are permitted.
define(`confBAD_RCPT_THROTTLE',`2')dnl limit spammers from trolling for
users on the system, reject all mail after 2 bad recipients.


> * Matlock , Justin <JMatlock at innotrac.com>
>> What ended up happening, is these super-slow connections were opening 
>> tons of sockets, but those sockets were never closing.  Sendmail 
>> never timed out, because characters were being sent, just *very* 
>> slowly.
>
> Sendmail has some very conservative timeout values such as 
> Timeout.rcpt, Timeout.datablock, and Timeout.datafinal being set to 1h 
> by default. However, I have not experimented with lowering any of them 
> to potentially avoid such problems as you are seeing.  With lower 
> timeouts, one would expect to see temporary failures and resend 
> attempts rather than slow starvation of resources?
>
> _______________________________________________
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>

_______________________________________________
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang



More information about the MIMEDefang mailing list