On 3/7/2012 2:08 PM, Alex wrote: > Okay, great. I don't think I understood your previous post regarding > the IP list and the policy daemon. I'll have to research that further. > All the connections from everbridge.net were from the same IP.
Yeah, smtpd_client_connection_count_limit=1 is the quick, targeted, silver bullet for slowing down bulk mailers. Most legit senders don't open multiple connections unless they have a lot of mail queued to your recipients, which would be gorillas and freemailers (Gmail, Hotmail, Yahoo, etc). But even then the volume is probably low enough that a single connection is sufficient. > I think I made the mistake of possibly combining two issues in the > same email. I had previously adjusted the default_process_limit to 300 > because connections to the server were timing out, not because amavisd > was dying or regarding the bulk senders issue. > I believe then you asked to report back the minimum value that was > possible for this setting, which is why I set it to 100. I then had > the amavisd issue, and combined with removing the reject_rbl from > smtpd_recipient_restrictions and only having it in postscreen, I > thought setting the default_process_limit back to the default of 200 > was reasonable. This was also all on the same host. Well, actually two > hosts; the primary and secondary MX for my domain. Hopefully that's > more clear now. All of your reported problems are related, all due to client connection load. Changing the parameter value mentioned above will likely fix all of these problems. BTW the process limit default is 100, not 200. > The secondary is definitely more idle than the first, even though they > are equally weighted. This can and likely will change over time, as I mentioned. Make your settings the same on all MX hosts. > Yes, understood. There are two MXs for the domain that has the bulk > mailing overload problem and the one I'm adjusting the > default_process_limit. There is one MX for the domain that has the > always_bcc issue and the submission port auth issue. Let's concentrate on the connection load issue. Both servers in question are MX servers, correct? Set smtpd_client_connection_count_limit=1 on both. Leave default_process_limit at the default of 100. That will fix both your queue clogging and timeout problems. > That's awesome. I will read about that further, but very happy to > learn this option exists. That is the option I was trying to describe > all along. It's pretty simple and straightforward, not much to read. Just set it, reload postfix, and take a peek at your mail log or summary tool. -- Stan
