On 04/03/2015 12:58 AM, Nigel Kukard via Users wrote: > On 04/03/2015 06:00 AM, Vincent Canfield wrote: >> Hello, >> >> I run a mailing list with approximately 200 subscribers. To combat abuse >> on the open-registration mail server, I am trying to use policyd to >> impose various restrictions on outgoing mail. >> >> The trouble comes in with my mail server. It seems every message is >> being delayed by one second when policyd is enabled. This means that for >> 200 subscribers, a message will take around 3:20 to deliver. Here are >> logs demonstrating: >> >> /var/log/maillog: >>> Apr 3 01:35:54 (snip) postfix/local[26564]: CD5A526111C: >>> to=<[email protected]>, relay=local, delay=0.52, delays=0.4/0.02/0/0.1, >>> dsn=2.0.0, status=sent (delivered to command: /usr/lib/mailman/mail/mailman >>> post mailman) >>> Apr 3 01:35:54 (snip) postfix/virtual[26235]: BA64B261124: >>> to=<(snip)@cock.li>, relay=virtual, delay=1.2, delays=1/0.02/0/0.11, >>> dsn=2.0.0, status=sent (delivered to maildir) >> /var/log/cbpolicyd.log >>> [2015/04/03-01:53:42 - 31020] [CORE] INFO: 2015/04/03-01:53:42 CONNECT TCP >>> Peer: "[::ffff:127.0.0.1]:54825" Local: "[::ffff:127.0.0.1]:10031" >> (not the line for the same email, but the same contents) >> >> This is much longer than the list is used to waiting for messages, and >> is causing a lot of confusion. This list posts as many as 8500 messages >> in a month, so the 200 subscribers are pretty actively posting and >> monitoring the list. This has been enough for me to disable policyd in >> the past, but abuse is increasing and I really do need policyd to help. >> >> There are two ways I see to resolve this problem: >> >> 1. Rapidly speed up policyd performance >> >> 2. Provide mailman with a means to bypass policyd altogether. >> >> For 1, I've tried profiling MySQL queries, but it doesn't seem that's >> the bottleneck here as nothing shows up in slowlog with long_query_time >> = 0.1. CPU usage also does not spike during this time, so it doesn't >> seem to be too computationally expensive. >> >> The only policyd settings I have set are "Policies -> Main", and >> "Policies -> Groups" at their default values. Everything else (Access >> Control, HELO/EHLO Checks, SPF Checks, Greylisting, Quotas, and Amavis >> Integration) is either deleted or disabled. >> >> For 2, I tried setting up another line in master.cf with an alternate >> port that reset the smtpd_recipient_restrictions and >> smtpd_end_of_data_restrictions variables. This doesn't seem to have worked. >> >> Any help on this issue would be very much appreciated. Let me know if >> there's anything else I can provide to give more insight into this. > > Please see http://wiki.policyd.org/support#how_to_ask_for_help , you > have not provided any information which can be used to help you. > > You are more than likely not running the latest version. > > The 1 second delay is due to pipelining which was ignored and fixed in > Dec 2012 ref > https://gitlab.devlabs.linuxassist.net/policyd/policyd/commit/ce7e411b4828c18e122ad643745b80633efad77b
You are correct! While running cbpolicyd --help returned version 2.0.14-1, checking installed packages shows I was running something like 2.0.10-1. (Re?)installing from the RPM on the website has fixed this problem for me. Thanks for your help, Nigel, and if I need help in the future I will be sure to include the asked-for information. _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
