From: Gary Faith
Date: 2007-09-03 08:19:05 -0400
Subject: Re: Milter-Ahead Problem - Maybe
More information..: http://www.milter.info/#Support
>>> Anthony Howe <email@example.com> 9/3/2007 3:53 AM >>>
More information..: http://www.milter.info/#Support=20
>>Gary Faith wrote:
>> Problem is that sendmail connections are getting stuck in the "cmd =
>"cmd read" state is sendmail waiting on the SMTP client connection for=20
>the next command. It is not a communication problem with the milters =
>far as I can tell. Sendmail default timeouts will wait upto 3 hours=20
>before timing out.
>> After a lot of testing yesterday, I found that when I use only
>> milter-greylist or milter-ahead, the amount of sendmail processes in
>This is probably completely unrelated, but please read the following:
>to make sure that ALL the default macros are present as they are=20
>required by milter-ahead.
I checked the macro's and they were correct.
>> the "cmd read" state is significantly lower. It seems to be that
>> when they are both running that the problem occurs.
>Have you changed any of the sendmail to milter timeouts in the=20
>INPUT_MAIL_FILTER macro in your .mc file or any of the milter to=20
>sendmail timeouts in milter-ahead.cf?
No, I haven't changed any timeouts. I have since added connection =
>Sending your milter-ahead.cf, mailertable, sendmail.mc for review =
>help maybe (off-list I would suggest).
I would love to do that but your server rejects my e-mail with some funky =
The attached file had the following undeliverable recipient(s):
Transcript of session follows:
Response: 550 5.7.1 black listed URL host 234.mx02.net by =
Which doesn't make a lot of sense because that isn't my host, etc. I sent =
a message to you on the website about it also.
>> found that if I shutdown MailScanner that the "stuck" sendmail
>> processes don't close. I have to use the kill command or the pkill
>> command to get the processes to close (pkill sendmail). Interesting
>> thing is what happens when I issue the pkill sendmail command:
>MailScanner, because of SpamAssassin, can eat CPU cycles especially if=20
>your front end mail queue feeding MailScanner is large. On average =
>many messages due you have in the mail queue?
My message rate is not that high but my sendmail processes are very high. =
I had to set O MaxDaemonChildren=3D25 because of all the processes in "cmd =
MailScanner: YES 5 children
Sendmail: YES 17 proc(s)
Load Average: 0.19 0.12 0.10
>Also check if the servers that milter-ahead connects to are "blind" or=20
>not. No point connecting to a backend mail store that always answers=20
>"yes". If they are Exchange servers, see the SnertSoft FAQ about=20
>fronting for Exchange.
This seems to be working fine.
>I'd recommend turning on more milter-ahead logging. The log fragments=20
>you gave only really show the sendmail side of the picture.
>is typically sufficient. Then observe the progress and timestamps. =
>milter-ahead come before milter-greylist in the .mc file?
Logging has been set like that since you were in my system last year. =
Milter-Ahead comes after milter-greylist in the .mc file.
>However, I suspect the issue is not with the milters. Sendmail being=20
>stuck in cmd read until timeout would indicate to me that some SMTP=20
>clients just don't bother to QUIT and close their sockets if they get =
>temp. fail (grey-listing) or reject (unknown RCPT) response. I've seen=20
>some spamware / bots do this on occasion. Whether it is intentional=20
>(DoS) or just bad programming in the SMTP client is unknown.
Am I the only one seeing this?
>You could try adjusting some of the sendmail server mode timeouts.
I am not sure what to tweak but will research this on the Internet. Any =
Anthony C Howe Skype: SirWumpus SnertSoft
+33 6 11 89 73 78 ICQ: 7116561 Sendmail Milter Solutions
Copyright 2009, 2012 by SnertSoft. All rights reserved.