On 04/03/2015 06:00 AM, Vincent Canfield wrote: > Hello, > > I run a mailing list with approximately 200 subscribers. To combat abuse > on the open-registration mail server, I am trying to use policyd to > impose various restrictions on outgoing mail. > > The trouble comes in with my mail server. It seems every message is > being delayed by one second when policyd is enabled. This means that for > 200 subscribers, a message will take around 3:20 to deliver. Here are > logs demonstrating: > > /var/log/maillog: >> Apr 3 01:35:54 (snip) postfix/local[26564]: CD5A526111C: >> to=<[email protected]>, relay=local, delay=0.52, delays=0.4/0.02/0/0.1, >> dsn=2.0.0, status=sent (delivered to command: /usr/lib/mailman/mail/mailman >> post mailman) >> Apr 3 01:35:54 (snip) postfix/virtual[26235]: BA64B261124: >> to=<(snip)@cock.li>, relay=virtual, delay=1.2, delays=1/0.02/0/0.11, >> dsn=2.0.0, status=sent (delivered to maildir) > /var/log/cbpolicyd.log >> [2015/04/03-01:53:42 - 31020] [CORE] INFO: 2015/04/03-01:53:42 CONNECT TCP >> Peer: "[::ffff:127.0.0.1]:54825" Local: "[::ffff:127.0.0.1]:10031" > (not the line for the same email, but the same contents) > > This is much longer than the list is used to waiting for messages, and > is causing a lot of confusion. This list posts as many as 8500 messages > in a month, so the 200 subscribers are pretty actively posting and > monitoring the list. This has been enough for me to disable policyd in > the past, but abuse is increasing and I really do need policyd to help. > > There are two ways I see to resolve this problem: > > 1. Rapidly speed up policyd performance > > 2. Provide mailman with a means to bypass policyd altogether. > > For 1, I've tried profiling MySQL queries, but it doesn't seem that's > the bottleneck here as nothing shows up in slowlog with long_query_time > = 0.1. CPU usage also does not spike during this time, so it doesn't > seem to be too computationally expensive. > > The only policyd settings I have set are "Policies -> Main", and > "Policies -> Groups" at their default values. Everything else (Access > Control, HELO/EHLO Checks, SPF Checks, Greylisting, Quotas, and Amavis > Integration) is either deleted or disabled. > > For 2, I tried setting up another line in master.cf with an alternate > port that reset the smtpd_recipient_restrictions and > smtpd_end_of_data_restrictions variables. This doesn't seem to have worked. > > Any help on this issue would be very much appreciated. Let me know if > there's anything else I can provide to give more insight into this.
Please see http://wiki.policyd.org/support#how_to_ask_for_help , you have not provided any information which can be used to help you. You are more than likely not running the latest version. The 1 second delay is due to pipelining which was ignored and fixed in Dec 2012 ref https://gitlab.devlabs.linuxassist.net/policyd/policyd/commit/ce7e411b4828c18e122ad643745b80633efad77b . _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
