[Mimedefang] Occasional crashes - out of memory

Paul Murphy pjm at ousekjarr.org
Thu May 18 05:35:36 EDT 2006 


> Dirk Mueller wrote:
> > On Wednesday, 17. May 2006 11:46, Jim Hatfield wrote:
> > 
> >> The machine has 1Gb of swap space and all it does now is mail
> > 
> > You seem to have ulimits set at around 32MB. 
> 
> Hmm, I didn't think so. It's FreeBSD box, the /etc/login.conf
> is stock:
> 
> >         :datasize=unlimited:\
> >         :stacksize=unlimited:\
> >         :memorylocked=unlimited:\
> >         :memoryuse=unlimited:\
> >         :filesize=unlimited:\
> >         :coredumpsize=unlimited:\
> >         :openfiles=unlimited:\
> >         :maxproc=unlimited:\
> >         :sbsize=unlimited:\
> >         :vmemoryuse=unlimited:\

Then you have implemented the limits in MIMEDefang - 

"man mimedefang-multiplexor" :

       -R kbytes
              Limits  the  resident-set size of the slave filter processes to
              kbytes kilobytes.  This limit is not supported on all operating
              systems; it is known to work on Linux.

       -M kbytes
              Limits  the  total  memory  space  of slave filter processes to
              kbytes kilobytes.  This limit is  supported  on  all  operating
              systems  which  support  the  setrlimit(2)  system  call.  This
              should include most modern UNIX systems.

              We recommend that you monitor your slave filter  processes  and
              get a feel for how much memory they use.  You should then limit
              the memory to two or three times the worst-case that  you  have
              observed.   This  can  help  mitigate denial-of-service attacks
              which use complicated MIME messages to force  mimedefang.pl  to
              consume lots of memory.

This is usually set in the init.d script or in mimedefang.conf, e.g.

# Limit slave processes' resident-set size to this many kilobytes.  Default
# is unlimited.
# MX_MAX_RSS=10000

# Limit total size of slave processes' memory space to this many kilobytes.
# Default is unlimited.
# MX_MAX_AS=30000

If you are accepting large messages, then this will need to be tweaked
considerably higher - the old maxim of know your traffic and build your
system and policy based on this knowledge.   Remember that your slave will
need enough memory to hold the message in memory as a MIME::Entity object,
and will also grab some more for virus scanning and SpamAssassin even if you
then decide not to run SA on larger messages, so don't assume that a 5Mb
message needs 5Mb of memory...

Best Wishes,

Paul.

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.392 / Virus Database: 268.6.0/342 - Release Date: 17/05/2006

More information about the MIMEDefang mailing list