Hi,
I would appreciate any suggestions anyone can offer on the following
problem that I'm having with postfix...
I'm running postfix+pgsql-2.3.3-2.1.el5_2 on a CentOS 5.4 server. I see
what looks likes a server in stress mode as described in
http://www.postfix.org/STRESS_README.html except the odd think about it
is that the server is not heavily loaded and I sure can't see where it's
exceeding any process limits. What's even odder is it doesn't appear
that the stress code is implemented in this version.
If I telnet to port 25 I get an immediate SMTP greeting followed in 10
seconds by
421 4.4.2 mymail.com Error: timeout exceeded
and the connection being closed.
The following maillog entry is logged:
May 3 16:44:06 mymail postfix/smtpd[22573]: timeout after CONNECT from
173-12-149-200.client.myisp.com[173.12.149.200]
This is like this constantly. I see 0-4 smtpd processes on the server
at any one time (I'm not sure if it's limited at 4, I just haven't seen
more). There are a similar number of policy daemons. There is a "-" in
the maxproc field for smtpd in master.cf. From everything I can tell
the default is a limit of 100. I do run a policy daemon
(vpostmaster). I've changed its maxproc field to 0 per the
recommendation in the STRESS_README (and restarted postfix). It's
master.cf entry looks like this...
vpm-pfpolicy unix - n n - 0 spawn
user=vpostmaster argv=/usr/lib/vpostmaster/postfix/vpm-pfpolicy
I also get lots of log entries like this for timeouts on the policy daemon:
May 2 05:36:20 aspen postfix/spawn[6003]: warning:
/usr/lib/vpostmaster/postfix/vpm-pfpolicy: process id 6004: command time
limit exceeded
and occasionally similar timeouts on the transport daemon (which is part
of vpostmaster as well).
My system load (which is running on a Vmware ESXi virtual machine) is:
16:59:36 up 2 days, 22:17, 3 users, load average: 0.08, 0.02, 0.01
Then, on outbound mail, I found this one site that adds delays of 18
seconds before the helo message to their SMTP server. My server cannot
get a message through to that server at all.
I tried adding -o stress= for the smtpd and nothing changed. The
system does not automatically add the stress parameter to smtpd if I
don't add it myself, so I'm not inclined to believe that Centos/Redhat
5.4 has the stress patch applied.
I do not see any slowness in the DNS servers. I have at most 2 RBL
lists that I check.
I did have limits set on the number of connections and timeouts etc, but
I've restored them all to the defaults for purposes of
debugging. I get these timeouts even when there's only one smtpd process.
Some of my config parameters right now are:
ipc_timeout = 3600s
command_time_limit = 1000s
smtpd_error_sleep_time = 1s
smtpd_policy_service_timeout = 100s
smtpd_proxy_timeout = 100s
smtpd_starttls_timeout = 300s
smtpd_timeout = 300s
smtpd_tls_session_cache_timeout = 3600s
smtpd_client_connection_count_limit = 50
smtpd_client_connection_rate_limit = 0
smtpd_client_message_rate_limit = 0
smtpd_client_new_tls_session_rate_limit = 0
smtpd_client_recipient_rate_limit = 0
smtpd_hard_error_limit = 20
smtpd_junk_command_limit = 100
smtpd_recipient_limit = 1000
smtpd_recipient_overshoot_limit = 1000
smtpd_soft_error_limit = 10
THank you,
Nataraj
