Hi, We are upgrading our postfix instances from 2.9.6 to 2.10.1.
On our moderately busy (800 connections/minute) incoming mailservers I noticed that postscreen did not pass connections through to smtpd- instances for some 90 seconds. Here's the semi-automated stop and start: Aug 19 12:31:46 host02 mx0/master[12831]: terminating on signal 15 Aug 19 12:31:46 host02 mx0/postfix-script[16590]: starting the Postfix mail system During the period of outage I see: Aug 19 12:33:18 host02 mx0/postscreen[16598]: PASS OLD [157.55.2.20]:50154 Aug 19 12:33:19 host02 mx0/postscreen[16598]: PASS NEW [59.40.157.135]:1230 Aug 19 12:33:19 host02 mx0/postscreen[16598]: PASS OLD [64.79.84.178]:52424 Aug 19 12:33:19 host02 mx0/postscreen[16598]: PASS OLD [88.148.95.6]:1555 Aug 19 12:33:20 host02 mx0/postscreen[16598]: PASS NEW [85.243.61.94]:12852 Aug 19 12:33:21 host02 mx0/postscreen[16598]: CONNECT from [212.54.34.165]:57502 to [145.58.30.181]:25 Aug 19 12:33:21 host02 mx0/postscreen[16598]: PASS OLD [212.54.34.165]:57502 Aug 19 12:33:21 host02 mx0/postscreen[16598]: CONNECT from [95.87.61.111]:1735 to [145.58.30.181]:25 Aug 19 12:33:21 host02 mx0/postscreen[16598]: PASS OLD [95.87.61.111]:1735 Aug 19 12:33:22 host02 mx0/postscreen[16598]: CONNECT from [213.135.174.189]:64295 to [145.58.30.181]:25 Aug 19 12:33:22 host02 mx0/postscreen[16598]: CONNECT from [200.124.239.209]:59105 to [145.58.30.181]:25 Aug 19 12:33:22 host02 mx0/postscreen[16598]: PASS OLD [200.124.239.209]:59105 Aug 19 12:33:22 host02 mx0/postscreen[16598]: CONNECT from [200.124.239.209]:59104 to [145.58.30.181]:25 Aug 19 12:33:22 host02 mx0/postscreen[16598]: PASS OLD [200.124.239.209]:59104 Aug 19 12:33:23 host02 mx0/postscreen[16598]: CONNECT from [200.92.242.208]:41357 to [145.58.30.181]:25 Aug 19 12:33:23 host02 mx0/postscreen[16598]: PASS OLD [200.92.242.208]:41357 Aug 19 12:33:24 host02 mx0/postscreen[16598]: CONNECT from [82.166.162.225]:52138 to [145.58.30.181]:25 Aug 19 12:33:24 host02 mx0/postscreen[16598]: CONNECT from [82.166.162.225]:52139 to [145.58.30.181]:25 Aug 19 12:33:24 host02 mx0/postscreen[16598]: CONNECT from [82.166.162.225]:52140 to [145.58.30.181]:25 So nothing gets accepted. Connecting to it at that time results in a connection without response: $ swaks -s mx0.mail.omroep.nl -t ... -f ... === Trying mx0.mail.omroep.nl:25... === Connected to mx0.mail.omroep.nl. <** Timeout (30 secs) waiting for server response Looking in the logs I found: Aug 19 12:33:30 host02 mx0/postscreen[16515]: warning: timeout sending connection to service private/smtpd4 Aug 19 12:33:30 host02 mx0/smtpd[16609]: warning: pass_accept_attr: cannot receive connection attributes: Numerical result out of range Aug 19 12:33:30 host02 mx0/smtpd[16609]: error: accept connection: Numerical result out of range Aug 19 12:33:30 host02 mx0/postscreen[16598]: warning: timeout sending connection to service private/smtpd4 Aug 19 12:33:30 host02 mx0/postscreen[16598]: warning: timeout sending connection to service private/smtpd4 After this postfix seem to behave as expected. I have not made any configuration changes, not even smtpd_relay_restrictions so the compiled-in default should apply. I have 2 postscreen instances running from master.cf, one for ipv4 and another for ipv6: 145.58.30.181:25 inet n - n - 1 postscreen -o smtpd_service_name=smtpd4 -o postscreen_cache_map=$data_directory/postscreen_cache_v4 2a02:458:101:30::b5:25 inet n - n - 1 postscreen -o smtpd_service_name=smtpd6 -o postscreen_cache_map=$data_directory/postscreen_cache_v6 This seems to occur only when upgrading. A stop/start with the same version, either 2.9.6 of 2.10.1, seems to work without a problem. Does anyone have an explanation for this? -- Leo Baltus, internetbeheerder /\ NPO ICT Internet Services /NPO/\ Sumatralaan 45, 1217 GP Hilversum, Filmcentrum, west \ /\/ serviced...@omroep.nl, 035-6773555 \/
