[milters] Archive

Lists Index Date Thread Search

Article: 1675
From: Gary Faith
Date: 2007-09-03 08:19:05 -0400
Subject: Re: Milter-Ahead Problem - Maybe

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Anthony,
=20
>>> Anthony Howe <achowe@snert.com> 9/3/2007 3:53 AM >>>
Removal...........: milters-request@milter.info?subject=3Dremove=20
More information..: http://www.milter.info/#Support=20
--------------------------------------------------------

>>Gary Faith wrote:
>> Problem is that sendmail connections are getting stuck in the "cmd =
read" state.

>"cmd read" state is sendmail waiting on the SMTP client connection for=20
>the next command. It is not a communication problem with the milters =
as=20
>far as I can tell. Sendmail default timeouts will wait upto 3 hours=20
>before timing out.

>> After a lot of testing yesterday, I found that when I use only
>> milter-greylist or milter-ahead, the amount of sendmail processes in

>This is probably completely unrelated, but please read the following:

>http://www.snert.com/Software/ecartis/index.php?go=3D/milters/2006-06/959=
=20

>to make sure that ALL the default macros are present as they are=20
>required by milter-ahead.

I checked the macro's and they were correct.

>> the "cmd read" state is significantly lower.  It seems to be that
>> when they are both running that the problem occurs.

>Have you changed any of the sendmail to milter timeouts in the=20
>INPUT_MAIL_FILTER macro in your .mc file or any of the milter to=20
>sendmail timeouts in milter-ahead.cf?

No, I haven't changed any timeouts.  I have since added connection =
control.

>Sending your milter-ahead.cf, mailertable, sendmail.mc for review =
would=20
>help maybe (off-list I would suggest).

I would love to do that but your server rejects my e-mail with some funky =
error message:

The attached file had the following undeliverable recipient(s):
	achowe@snert.com=20

Transcript of session follows:
	  Command:  Data...
	  Response: 550 5.7.1 black listed URL host 234.mx02.net by =
.multi.surbl.or	g

Which doesn't make a lot of sense because that isn't my host, etc.  I sent =
a message to you on the website about it also.

>> found that if I shutdown MailScanner that the "stuck" sendmail
>> processes don't close.  I have to use the kill command or the pkill
>> command to get the processes to close (pkill sendmail).  Interesting
>> thing is what happens when I issue the pkill sendmail command:

>MailScanner, because of SpamAssassin, can eat CPU cycles especially if=20
>your front end mail queue feeding MailScanner is large.  On average =
how=20
>many messages due you have in the mail queue?
>Status=20

My message rate is not that high but my sendmail processes are very high.  =
I had to set O MaxDaemonChildren=3D25 because of all the processes in "cmd =
read" state.

MailScanner: YES 5 children
Sendmail: YES 17 proc(s)
Load Average: 0.19  0.12   0.10

>Also check if the servers that milter-ahead connects to are "blind" or=20
>not. No point connecting to a backend mail store that always answers=20
>"yes". If they are Exchange servers, see the SnertSoft FAQ about=20
>fronting for Exchange.

This seems to be working fine.

>I'd recommend turning on more milter-ahead logging. The log fragments=20
>you gave only really show the sendmail side of the picture.

>verbose=3Dinfo,trace,dialog

>is typically sufficient. Then observe the progress and timestamps. =
Does=20
>milter-ahead come before milter-greylist in the .mc file?

Logging has been set like that since you were in my system last year.  =
Milter-Ahead comes after milter-greylist in the .mc file.

>However, I suspect the issue is not with the milters. Sendmail being=20
>stuck in cmd read until timeout would indicate to me that some SMTP=20
>clients just don't bother to QUIT and close their sockets if they get =
a=20
>temp. fail (grey-listing) or reject (unknown RCPT) response. I've seen=20
>some spamware / bots do this on occasion. Whether it is intentional=20
>(DoS) or just bad programming in the SMTP client is unknown.

Am I the only one seeing this?

>You could try adjusting some of the sendmail server mode timeouts.

I am not sure what to tweak but will research this on the Internet.  Any =
suggestions?

--=20
Anthony C Howe          Skype: SirWumpus                    SnertSoft
+33 6 11 89 73 78         ICQ: 7116561      Sendmail Milter Solutions
http://www.snert.com/                 
     http://www.snertsoft.com/=20


Lists Index Date Thread Search