Hi,
I built a dual-Xeon quad-core box with 8GB using fedora15 and
postfix-v2.8.5 and during various times during the day connections to
port 25 timeout or are very slow. The majority of times this happens
is under peak loads, but even times when it's not at capacity it may
do this.
I have a similar box with lesser hardware, which I believe processes
as much mail, and it never occurs there, using very similar
configuration. Where should I look to troubleshoot something like
this?
In master.cf I have tried to adjust the number of smtp and smtpd
processes to between equal-to and double the number of processor
cores, but it doesn't seem to make any difference.
Could this be a TCP limit, or is it most assuredly a postfix limit?
I hope this isn't a FAQ because I've searched a bit, but confused by
all the potential options and not sure where to look specifically.
Tuning advice and general guidance would be appreciated. I've attached
my postfinger output below.
postfinger - postfix configuration on Wed Nov 16 20:52:22 EST 2011
version: 1.30
--System Parameters--
mail_version = 2.8.5
hostname = mail01.example.com
uname = Linux mail01.example.com 2.6.40.6-0.fc15.x86_64 #1 SMP Tue Oct
4 00:39:50 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
--Packaging information--
looks like this postfix comes from RPM package: postfix-2.8.5-1.fc15.x86_64
--main.cf non-default parameters--
alias_maps = hash:/etc/aliases
allow_mail_to_files = alias,forward
always_bcc = bcc-user
biff = no
body_checks = regexp:/etc/postfix/body_checks.pcre
content_filter = smtp-amavis:[127.0.0.1]:10024
default_process_limit = 140
delay_warning_time = 4h
disable_vrfy_command = yes
header_checks =
pcre:/etc/postfix/header_checks.pcre
pcre:/etc/postfix/header_checks-jimsun.pcre
initial_destination_concurrency = 20
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 2000000000
manpage_directory = /usr/share/man
maximal_queue_lifetime = 2d
message_size_limit = 13312000
mydestination = $myhostname, localhost.$mydomain
mynetworks = 127.0.0.0/8, 192.168.1.0/24, 192.168.6.0/24,
68.XXX.YYY.40/29, 64.XXX.YYY.0/27, 206.XXX.YYY.45/32,
206.XXX.ZZZ.45/32,160.XXX.YYY.1
rbl_reply_maps = ${stress?hash:/etc/postfix/rbl_reply_maps}
readme_directory = /usr/share/doc/postfix-2.8.5/README_FILES
relay_domains = $mydestination, $transport_maps, example1.com,
dom2.example.com, dom1.example.com, example.com
sample_directory = /usr/share/doc/postfix-2.8.5/samples
smtpd_recipient_restrictions =
reject_non_fqdn_recipient, check_client_access
hash:/etc/postfix/client_checks_special, check_sender_access
hash:/etc/postfix/sender_checks_special, reject_non_fqdn_sender,
reject_unlisted_recipient, permit_mynetworks,
reject_unauth_destination, reject_unknown_sender_domain,
reject_unknown_recipient_domain, check_helo_access
pcre:/etc/postfix/helo_checks.pcre, reject_invalid_helo_hostname,
check_client_access
hash:/etc/postfix/client_checks, check_sender_access
hash:/etc/postfix/sender_checks, check_recipient_access
pcre:/etc/postfix/relay_recips_segtravel, check_recipient_access
pcre:/etc/postfix/relay_recips_access, check_recipient_access
pcre:/etc/postfix/property_recip_map, check_recipient_access
pcre:/etc/postfix/recipient_checks, check_recipient_access
pcre:/etc/postfix/bwi_relay_recip_checks, check_recipient_access
pcre:/etc/postfix/relay_recips_ecartis, reject_rbl_client
zen.spamhaus.org, reject_rbl_client psbl.surriel.com, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname, mail01.example.com
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_sender_login_mismatch
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
btree:/var/lib/postfix/smtpd_tls_session_cache
smtp_tls_CAfile = /etc/pki/tls/cacert.pem
smtp_use_tls = yes
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual,
hash:/etc/postfix/virtual-segtravel
--master.cf--
smtp inet n - n - - smtpd
-o receive_override_options=no_address_mappings
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
smtp-amavis unix - - n - 6 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - 6 smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients=
bwi unix - - n - - smtp
-o fallback_relay=[206.XXX.ZZZ.20]
csbwi unix - - n - - smtp
-o fallback_relay=[206.XXX.YYY.20]
-- end of postfinger output --
Thanks,
Alex
