[Mimedefang] Result too large
David F. Skoll
dfs at roaringpenguin.com
Fri Jun 23 19:55:59 EDT 2006
scuba at centroin.com.br wrote:
> Jun 23 00:00:04 host2 mimedefang: MIMEDefang-2.54: accept()
> returned invalid socket (Result too large), try again
This means that the accept() system call returned a file descriptor
that is larger than FD_SETSIZE. This means you have (for some reason)
lots and lots of milter threads active.
Do you have a lot of Sendmail processes running? We've seen DoS attacks
whereby attackers open up thousands of SMTP connections to a machine and
just sit there doing nothing. This causes lots of Sendmail processes and
Milter threads to hang around. Even though they don't consume CPU time,
they do consume memory and (in the case of the milters) file descriptors.
I recommend adding this to sendmail.mc:
It causes Sendmail to close the connection and exit if the client sits
idle for five minutes.
Another option is to use the -C option with MIMEDefang. This causes
the milter not to hold file descriptors open between Milter
callbacks. (Of course, the milter socket itself is always
held open, but that's under control of the milter library.)
See the mimedefang(8) man page for details.
More information about the MIMEDefang