W dniu 14.01.2022 o 22:18, Wietse Venema pisze:
> natan:
> Wietse:
>> Do you know if the problem is a kernel limit or a per-process limit?
>> Does master have 4096 open files (including network sockets: ip,
>> unix-domain, etc.).
> Wietse:
>> BTW that last one was a trick question: you need a huge number of
>> services in master.cf to exceed the 4096 limit. The master needs
>> three sockets for each service with type 'unix' in master.cf;
>> services with type 'inet' require two sockets plus one socket per
>> address in inet_interfaces.
> natan:
>> "Do you know if the problem is a kernel limit or a per-process limit?"
>>
>> I realy dont known where is it the problem - and how diagnose this
>>
>> I long think about kernel limit but ... no have idea
> Were you the person who has a Postfix process limit in the thousands?
> If that is the case, then I suggest that you reduce the Postfix
> process limit to half the number, do "postfix reload", wait for a
> while, and keep reducing the limit to half its value until the
> "resource temporarily unavailable" warnings go away. Also, make
> arrangements for more (and more powerful) servers.
>
> Wietse
I don't know if I am that man with limit thousands
# postconf -nf
default_destination_concurrency_limit = 100
default_destination_recipient_limit = 100
default_process_limit = 1200
delay_warning_time = 0h
disable_vrfy_command = yes
enable_long_queue_ids = yes
lmtp_destination_concurrency_limit = 100
lmtp_destination_recipient_limit = 1
max_idle = 1200s
max_use = 150
policy-spf_time_limit = 3600
smtp_connection_reuse_time_limit = 400s
smtp_data_done_timeout = 1600s
smtp_rcpt_timeout = 900s
smtpd_client_connection_count_limit = 200
smtpd_proxy_timeout = 240s
smtpd_recipient_limit = 100
smtpd_tls_session_cache_timeout = 600s
smtpd_use_tls = yes
smtputf8_enable = no
strict_rfc821_envelopes = yes
# postconf -Mf
smtp inet n - - - 1 postscreen
smtpd pass - - - - 190 smtpd
-o receive_override_options=no_address_mappings
dnsblog unix - - - - 0 dnsblog
tlsproxy unix - - - - 0 tlsproxy
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
maildrop unix - n n - - pipe flags=DRhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe flags=F
user=ftn
argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq.
user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe flags=R
user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe flags=FR
user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
${user}
smtp-amavis unix - - - - 160 smtp
-o smtp_data_done_timeout=900s
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
#without amavis
10.0.100.5:10025 inet n - n - - smtpd
-o content_filter=
-o recipient_delimiter=+
-o mynetworks_style=host
-o mynetworks=10.0.100.0/24
-o local_recipient_maps=
-o relay_recipient_maps=
-o strict_rfc821_envelopes=yes
-o smtp_tls_security_level=none
-o smtpd_tls_security_level=none
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
#from external amavis
xxx.xxx.xxx.199:10027 inet n - n - 400 smtpd
-o smtpd_proxy_timeout=900s
-o content_filter=
-o mynetworks_style=host
-o mynetworks=10.0.100.0/24,xxx.xxx.xxx.yyy/32
-o local_recipient_maps=
-o relay_recipient_maps=
-o strict_rfc821_envelopes=yes
-o smtp_tls_security_level=none
-o smtpd_tls_security_level=none
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_end_of_data_restrictions=
-o smtpd_data_restrictions=
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
-o syslog_name=postfix/filtered
mxfilter unix - n n - - spawn user=nobody
argv=/usr/sbin/mxfilter
policy-spf unix - n n - - spawn user=nobody
argv=/usr/bin/policyd-spf
from log:
Jan 17 14:05:05 mailserver postfix/master[55510]: warning:
master_wakeup_timer_event: service qmgr(public/qmgr): Resource
temporarily unavailable
14:05:01 CET
ps -e |grep smtpd |wc -l
267
14:06:01 CET
ps -e |grep smtpd |wc -l
266
# cat /var/log/mail.log |grep "Jan 17 10:10:54" |grep postscreen |grep
CONN |wc -l
27
# cat /var/log/mail.log |grep "Jan 17 14:05:04" |grep postscreen |grep
CONN |wc -l
21
# cat /var/log/mail.log |grep "Jan 17 14:05:05" |grep postscreen |grep
CONN |wc -l
31
# cat /var/log/mail.log |grep "Jan 17 14:05:06" |grep postscreen |grep
CONN |wc -l
22
from log:
Jan 17 10:10:50 thebe4b postfix/postscreen[7103]: warning: cannot
connect to service private/smtpd: Resource temporarily unavailable
time: 10:49:01 CET
ps -e |grep smtpd |wc -l
322
----------------
time: 10:50:01 CET
ps -e |grep smtpd |wc -l
316
----------------
time: 10:51:01 CET
312
more statistic:
# cat /var/log/mail.log |grep "Jan 17 10:10:49" |grep postscreen |grep
CONN |wc -l
37
# cat /var/log/mail.log |grep "Jan 17 10:10:50" |grep postscreen |grep
CONN |wc -l
30
# cat /var/log/mail.log |grep "Jan 17 10:10:51" |grep postscreen |grep
CONN |wc -l
30
# cat /var/log/mail.log |grep "Jan 17 10:10:52" |grep postscreen |grep
CONN |wc -l
30
# cat /var/log/mail.log |grep "Jan 17 10:10:53" |grep postscreen |grep
CONN |wc -l
18
# cat /var/log/mail.log |grep "Jan 17 10:10:54" |grep postscreen |grep
CONN |wc -l
27
This is a strong machine where load average: 0,95, 1,19, 2,08
--
