Postscreen - max parallel incoming connections

2014-08-26 Thread Marius Gologan
Hi, I'm running a stress test against Postfix, running smtp-source command with 1.000 parallel connections from one source IP. When postscreen is active, at about 400-460 connections I get "421 4.3.2 All server ports are busy". For 1-2 days I tried to find a solution in the postscreen documenta

Re: Postscreen - max parallel incoming connections

2014-08-26 Thread Wietse Venema
Marius Gologan: > I'm running a stress test against Postfix, running smtp-source command with > 1.000 parallel connections from one source IP. > When postscreen is active, at about 400-460 connections I get "421 4.3.2 All > server ports are busy". Please do not blame the messenger of the bad news.

Re: Postscreen - max parallel incoming connections

2014-08-26 Thread Wietse Venema
Wietse Venema: > Marius Gologan: > > I'm running a stress test against Postfix, running smtp-source command with > > 1.000 parallel connections from one source IP. > > When postscreen is active, at about 400-460 connections I get "421 4.3.2 All > > server ports are busy". > > Please do not blame t

RE: Postscreen - max parallel incoming connections

2014-08-26 Thread Marius Gologan
Thank you. Marius. -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Tuesday, August 26, 2014 2:43 PM To: Postfix users Subject: Re: Postscreen - max parallel incoming connections Wietse Venema: > Marius Gol

RE: TLS library problem - handshake failure

2014-08-26 Thread robin.wakefield
Hi again, Here is the output of postconf -n for this interface: alias_database = hash:/etc/postfix-internal/aliases alias_maps = hash:/etc/postfix-internal/aliases allow_percent_hack = no alternate_config_directories = /etc/postfix-internal, /etc/postfix-external body_checks = pcre:/etc/postfix-i

Re: client hostname resolution

2014-08-26 Thread Martin Vegter
> On 08/26/2014 12:56 AM, Viktor Dukhovni wrote: >> Are there any reasons against using chrooted smtp ? > > Chroot jails require an expert administrator, able to trouble-shoot > problems with plugins or system libraries that depend on resources > that may not exist in the jail. > > Debian made th

Re: TLS library problem - handshake failure

2014-08-26 Thread Wietse Venema
> Any thoughts on next steps without having to contact the target > domains? I have read about disabling TLSEXT_TYPE_PADDING when > compiling OpenSSL - would this be my next step, or was this somehow > fixed in the releases we are using? Any other way I could simulate > this problem, as we have h

Re: client hostname resolution

2014-08-26 Thread Wietse Venema
Martin Vegter: > > On 08/26/2014 12:56 AM, Viktor Dukhovni wrote: > >> Are there any reasons against using chrooted smtp ? > > > > Chroot jails require an expert administrator, able to trouble-shoot > > problems with plugins or system libraries that depend on resources > > that may not exist in th

Re: client hostname resolution

2014-08-26 Thread Martin Vegter
> On 08/26/2014 03:13 PM, Wietse Venema wrote: > Martin Vegter: >>> On 08/26/2014 12:56 AM, Viktor Dukhovni wrote: Are there any reasons against using chrooted smtp ? >>> >>> Chroot jails require an expert administrator, able to trouble-shoot >>> problems with plugins or system libraries that

Re: Postscreen - max parallel incoming connections (fwd)

2014-08-26 Thread Wietse Venema
- Forwarded message from Stephen Satchell - > Marius Gologan: >> I'm running a stress test against Postfix, running smtp-source command with >> 1.000 parallel connections from one source IP. >> When postscreen is active, at about 400-460 connections I get "421 4.3.2 All >> server ports are

Re: client hostname resolution

2014-08-26 Thread Wietse Venema
Martin Vegter: > >> May I ask list members an opinion? > >> Now when chroot works, is it recommended to use it? Does it provide an > >> extra layer of security? > > > > That depends on what else is running in your system. Besides a small > > unprivileged Postfix network daemon inside a chroot jail

Postfix and multipolicy setup

2014-08-26 Thread Nerijus Kislauskas
Hi everybody, I'm doing an installation of our university main mail gateway. Assume, that with one postfix instance I want to receive mail mx-1.domain.tld (inbound policy) and provide mail services to our employees with smtp.domain.tld (outbound policy). My postfix instance should listen on mx-1.d

Re: Postfix and multipolicy setup

2014-08-26 Thread Viktor Dukhovni
On Tue, Aug 26, 2014 at 05:17:08PM +0300, Nerijus Kislauskas wrote: > I'm doing an installation of our university main mail gateway. Assume, > that with one postfix instance I want to receive mail mx-1.domain.tld > (inbound policy) The MX hostname is irrelevant, some machine name or other will ap

Is there any document about debian+postfix+dovecot+mysql?

2014-08-26 Thread leonwei
Hi, everybody: How do you do? I want to set up a mail server in Debian, and want to use postfix+dovecot+mysql. Are there any documents I can use? Best Regards! Leon Wei E-mail: leon...@mail.kingdest.com

Re: Is there any document about debian+postfix+dovecot+mysql?

2014-08-26 Thread Alex JOST
On 26.08.2014 at 18:21, leonwei wrote: Hi, everybody: How do you do? I want to set up a mail server in Debian, and want to use postfix+dovecot+mysql. Are there any documents I can use? Best Regards! Leon Wei E-mail: leon...@mail.kingdest.com Well written and comprehensive guide to start of

sasl with postfix on aix

2014-08-26 Thread Ole Heiberg Michaelsen
Hi I need some help getting cyrus-sasl-2.1.26 working on postfix-2.10.3 on AIX 6.1. I want to use it only for upstream authentication, that is I am not running it as a daemon on the machine, I only want postfix to use authentication when it contacts it upstream mailrelay. It appears that it does

Re: Apply a redirect before checking other restrictions

2014-08-26 Thread Darren Pilgrim
On 8/22/2014 4:17 AM, Wietse Venema wrote: Darren Pilgrim: Postfix doesn't appear to do alias resolution on the REDIRECT'ed address. Do I need to add something to a setting that controls lookups on redirects? REDIRECT addresses are currently not subject to "before queue" address rewriting. Th

Re: sasl with postfix on aix

2014-08-26 Thread Viktor Dukhovni
On Tue, Aug 26, 2014 at 08:33:22PM +0200, Ole Heiberg Michaelsen wrote: > # cat sasl_pw > [upstreamrelay]:25 user01:xxx Is the nexthop relay (relayhost in main.cf or transport nexthop) specified as: 1. upstreamrelay 2. [upstreamrelay] 3. upstreamrelay:25 4. [upstreamrela

Re: Apply a redirect before checking other restrictions

2014-08-26 Thread Wietse Venema
Darren Pilgrim: > On 8/22/2014 4:17 AM, Wietse Venema wrote: > > Darren Pilgrim: > >> Postfix doesn't appear to do alias resolution on the REDIRECT'ed > >> address. Do I need to add something to a setting that controls > >> lookups on redirects? > > > > REDIRECT addresses are currently not subject

Re: Apply a redirect before checking other restrictions

2014-08-26 Thread Darren Pilgrim
On 8/26/2014 12:12 PM, Wietse Venema wrote: Darren Pilgrim: On 8/22/2014 4:17 AM, Wietse Venema wrote: Darren Pilgrim: Postfix doesn't appear to do alias resolution on the REDIRECT'ed address. Do I need to add something to a setting that controls lookups on redirects? REDIRECT addresses are

Some people sending to us getting 451 4.3.5 Server configuration rejections

2014-08-26 Thread Ian Evans
Our mail server is still getting a nice steady supply of email, so I didn't realize anything was wrong. Then a friend said that emails from her office address were getting rejected. I checked the logs and noticed that she wasn't the only one getting the message. Before the line below, my friend's e

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

2014-08-26 Thread Wietse Venema
Ian Evans: > Our mail server is still getting a nice steady supply of email, so I didn't > realize anything was wrong. Then a friend said that emails from her office > address were getting rejected. I checked the logs and noticed that she > wasn't the only one getting the message. > > Before the li

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

2014-08-26 Thread Ian Evans
On Tue, Aug 26, 2014 at 7:21 PM, Wietse Venema wrote: > Ian Evans: > > Our mail server is still getting a nice steady supply of email, so I > didn't > > realize anything was wrong. Then a friend said that emails from her office > > address were getting rejected. I checked the logs and noticed that

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

2014-08-26 Thread Wietse Venema
Ian Evans: > Aug 26 08:34:05 carson postfix/smtpd[16374]: warning: problem talking to > server private/policy-spf: Connection timed out This Postfix SMTP server time limit is specified with the smtpd_policy_service_timeout parameter (default: 100s). Your SPF script should reply in 10 seconds at

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

2014-08-26 Thread Ian Evans
On Tue, Aug 26, 2014 at 8:21 PM, Wietse Venema wrote: > Ian Evans: > > Aug 26 08:34:05 carson postfix/smtpd[16374]: warning: problem talking to > server private/policy-spf: Connection timed out > > This Postfix SMTP server time limit is specified with the > smtpd_policy_service_timeout parameter

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

2014-08-26 Thread Ian Evans
On Tue, Aug 26, 2014 at 8:21 PM, Wietse Venema wrote: > Ian Evans: > > Aug 26 08:34:05 carson postfix/smtpd[16374]: warning: problem talking to > server private/policy-spf: Connection timed out > > This Postfix SMTP server time limit is specified with the > smtpd_policy_service_timeout parameter