Re: [Dbmail] dbmail hanging

Wed, 29 Oct 2014 08:01:45 -0700 


Am 29.10.2014 um 15:48 schrieb roge...@porta80.com.br:

The /var/log/mail.err file has thousands of this message:
Oct 29 10:49:26 dbmail01 dbmail/imap4d[27550]: Error:[server]
_sock_cb(+582): 24:Too many open files
Oct 29 10:49:26 dbmail01 dbmail/imap4d[27550]: Error:[server]
_sock_cb(+582): 24:Too many open files
Oct 29 10:49:26 dbmail01 dbmail/imap4d[27550]: Error:[server]
_sock_cb(+582): 24:Too many open files
Oct 29 10:49:26 dbmail01 dbmail/imap4d[27550]: Error:[server]
_sock_cb(+582): 24:Too many open files
Oct 29 10:49:26 dbmail01 dbmail/imap4d[27550]: Error:[server]
_sock_cb(+582): 24:Too many open files


please stay on the list!

you likely have too many connections for your OS setup
on systemd-systems "LimitNOFILE=50000" may fix this


in case of sysvinit that needs to happen directly in the sysvunit as far 
as i remember with ulimit (not touched sysvinit for some years)



but in any case you need to ask yourself if your machine can handle that 
much connections or something else goes down



in another post (pleast stay ina thread and try to quote some context) 
you talk about DOS attacks - just limit that properly, see below, you 
can even limit the number for connections for subnet sizes



    0     0 REJECT     tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 110,143,993,995 ctstate NEW 
recent: UPDATE seconds: 1800 hit_count: 100 name: dovecot2 side: source 
mask:

 255.255.255.255 reject-with icmp-port-unreachable

    0     0 REJECT     tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 110,143,993,995 ctstate NEW 
recent: UPDATE seconds: 300 hit_count: 50 name: dovecot1 side: source 
mask: 2

55.255.255.255 reject-with icmp-port-unreachable

    0     0 REJECT     tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 25,465,587 ctstate NEW recent: 
UPDATE seconds: 1800 hit_count: 75 name: postfix2 side: source mask: 255.2

55.255.255 reject-with icmp-port-unreachable

    3   144 REJECT     tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 25,465,587 ctstate NEW recent: 
UPDATE seconds: 300 hit_count: 40 name: postfix1 side: source mask: 255.25

5.255.255 reject-with icmp-port-unreachable

    0     0 DROP       udp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            ctstate NEW recent: UPDATE seconds: 2 hit_count: 
75 name: udpflood side: source mask: 255.255.255.255
    0     0 DROP       tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            ctstate NEW recent: UPDATE seconds: 2 hit_count: 
75 name: DEFAULT side: source mask: 255.255.255.255
    0     0 DROP       tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 25,80,443,465,587 tcp 
flags:0x17/0x02 #conn src/32 > 75
    0     0 DROP       tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 25,80,443,465,587 tcp 
flags:0x17/0x02 #conn src/24 > 150
    0     0 DROP       tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 25,80,443,465,587 tcp 
flags:0x17/0x02 #conn src/16 > 175
    0     0 DROP       tcp  --  eth0   *      !192.168.196.0/24 
  0.0.0.0/0            multiport dports 25,80,443,465,587 tcp 
flags:0x17/0x02 #conn src/8 > 200





Attachment:
signature.asc

Description: OpenPGP digital signature


_______________________________________________
DBmail mailing list
DBmail@dbmail.org
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail






















					Reply via email to