From: Taylor, Grant
Date: 2005-05-20 11:11:48 -0400
Subject: Re: Problem (mis-configuration?) with Milter-Sender
More information..: http://www.milter.info/#Support
> The error should NOT appear if GreyListRejectCount=0. You did remember
> to restart the milter? The code in two places looks like this. I don't
> cache the error message text.
Yes. I am not running milter-sender through standard init.d scripts but rather having
INIT take care of it for me. So I go in to inittab and remark it and then "telinit
q" which will shut down things that should not be running (ps ax confirms this).
Then I go back in to inittab and unremark it and then "telinit q" and
milter-sender starts back up just like it should. The only thing I did different this
time (in addition to the changes you suggested below) was to restart sendmail as well.
> BUT if a previously "rejected, too many recent retries" was downgraded
> in the cache to a rejection, then you might continue to see rejects with
> another message until it expired from the cache. However, you've set
> CacheRejectTTL=0, which should purge those entries on the next
> CacheGcFrequency interval.
*nod* I thought of this as well and per your message the other day I did remove my cache
file with milter-sender shut down.
>>CacheGcFrequency=3600 # cache garbage collection frequency
> Lower this to like 10 or 20 for half a day or simply throw out the cache
> and start with a fresh one (stop, remove cache, start). This is most
> likely the problem. The cache is not GC'd on a restart (hmmm, something
> to consider).
I would be willing to do this if you think it has merit, though I have removed the cache
file with milter-sender stopped. (I know that I've lost all my cached good info too, but
I'm trying to solve a problem here.
> I don't know what your server load is on this machine, but 3600 might be
> a little high for a small to moderate load. For an ISP this might be
> suitable. Remember, garbage collections happens after N client
> connections. On my server I doubt I would see 3600 connections in 36
> hours, while an ISP or a large business might see this in 30 minutes.
I have about 200 users on this server so the email load is not much at all, but more than
>>CacheGreyListTTL=0 # cache time-to-live in seconds for grey-list
>>temporary entries, 0 = disable
> Setting this to zero disables grey-listing entirely.
>>GreyListBlockTime=0 # grey list block time in seconds, must be less
> I'd recommend this be set to something none zero. At least 60s. I would
> not put it past a spammer to connect once, get tempfailed, and try again
> immediately in attempt to foil grey-listing.
>>GreyListRejectCount=0 # reject too many attempts during the grey
>>list block time, 0 = disable
> Setting this to zero is all you need to disable the reject counter and
> its error message.
*nod* This is what I thought, hens my email asking for help. :) I'm starting to wonder
if I might need to recompile my milter-sender with a more recent version.
>>SkipAuthenticatedSender=0 # skip the milter if the sender
>>successfully authenticated themselves
> Huh? Not related to grey-listing but odd to see it disabled.
I don't have any SMTP-Auth users on this box, even if I did I would want to force them to
have valid information in their outbound emails in case they have a spam bot on their
Grant. . . .
Copyright 2009, 2012 by SnertSoft. All rights reserved.