[Mimedefang] Result too large
scuba at centroin.com.br
scuba at centroin.com.br
Fri Jun 30 14:28:42 EDT 2006
David,
Yes. I started increasing the max children number for sendmail
trying to aviod many "rejecting connections on daemon host1: 300 children,
max 300". At the time the problems with MD started, I was using 600
children on a single machine.
Only today I read your answer, my "solution" was to start 3
sendmail daemons (binding to it's own IP), and 3 MD instances with
different sockts. Nawadays I'm running 900 children (3x 300 each).
But now I'm getting too many "lost input channel from [IP] to MTA
after rcpt" or "collect: premature EOM: unexpected close".
I already set the RCPT timeout for sendmail, but still get a loot
of connections from different hosts. By now, only hotmail holds 127
connections to one of my MX.
I will try the "-C" option.
Thank you,
- Marcelo Souza
On Fri, 23 Jun 2006, David F. Skoll wrote:
|scuba at centroin.com.br wrote:
|
|> Jun 23 00:00:04 host2 mimedefang[95658]: MIMEDefang-2.54: accept()
|> returned invalid socket (Result too large), try again
|
|This means that the accept() system call returned a file descriptor
|that is larger than FD_SETSIZE. This means you have (for some reason)
|lots and lots of milter threads active.
|
|Do you have a lot of Sendmail processes running? We've seen DoS attacks
|whereby attackers open up thousands of SMTP connections to a machine and
|just sit there doing nothing. This causes lots of Sendmail processes and
|Milter threads to hang around. Even though they don't consume CPU time,
|they do consume memory and (in the case of the milters) file descriptors.
|I recommend adding this to sendmail.mc:
|
| define(`confTO_COMMAND',`5m')dnl
|
|It causes Sendmail to close the connection and exit if the client sits
|idle for five minutes.
|
|Another option is to use the -C option with MIMEDefang. This causes
|the milter not to hold file descriptors open between Milter
|callbacks. (Of course, the milter socket itself is always
|held open, but that's under control of the milter library.)
|See the mimedefang(8) man page for details.
|
|Regards,
|
|David.
|_______________________________________________
|NOTE: If there is a disclaimer or other legal boilerplate in the above
|message, it is NULL AND VOID. You may ignore it.
|
|Visit http://www.mimedefang.org and http://www.roaringpenguin.com
|MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
|http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
|
- Marcelo
More information about the MIMEDefang
mailing list