200160Long time sending
- Jul 1, 2006I know the drill, but before you start in with "show us the logs," consider that this problem is generating some 60MB of logs EACH DAY!I have changed locations and servers, going from a 350MHz G4 to a 2.5GHz quad G5, from 128kB IDSL to 4MB ADSL. (Both are supposed to be "commercial quality" connections, which in this case, simply means more expensive.) "Should be a lot faster," I thought.But sending from other machines on our network takes increasingly long times after starting the server. It has been three days since a restart, and it now takes about 20 seconds pause between hitting "send" and having the message leave the queue.There are over a hundred process entries like the following:postfix 2272 0.0 -0.0 27524 924 ?? S 4:33PM 0:00.03 smtpd -n smtp -t inet -uChecking logs, I am getting 10-20 rejects PER MINUTE! All of them appear to be legit rejects -- generally "User unknown in local recipient table". Although I have had one or two people tell me their legit email was bounced, we seem to be getting most (if not all) our legit email. I suspect the bounces are a result of Inadvertent Denial of Service from the heavy reject traffic.I am using "virtual_maps = hash:/etc/postfix/virtual". I have not set "relay_recipient_maps" nor "local_recipient_maps".I suspect that spammers are hitting me particularly hard because my network segment is known to be a residential high-speed subnet, whereas I rarely got more than a few per minute on my old, slow IDSL subnet -- they didn't bother.I am not doing any particular postfix spam prevention -- but neither was I before, on my IDSL connection.I suspect that the volume of spam rejected is what is causing the extremely slow legit relaying through my SMTP server from machines on my subnet. I have also enabled a few discrete addresses for relaying (via "mynetworks") for places where I frequent wireless networks.So I'm thinking of doing one or more of the following:1) aggressive firewalling to block it BEFORE postfix sees it: CONS: a lot of work, may block legit email, the spammers keep moving2) start a second postfix instance on a different port, and use it exclusively for outbound email: CONS: does nothing to reduce the huge load on my incoming service3) switch IAPs: CONS: a pain in the neck, and they're all resellers, anyway, so I'd probably still end up on the same residential ADSL subnet4) Tweak main.cf somehow that I don't understand: CONS: if postfix still has to look at it, it still slows it down, no?5) Throttle the number of smtpd process instances: CONS: may increase Inadvertent Denial of Service to legit SMTP traffic.6) Your Idea Here! Feel free to steer me to a URL, FAQ, or book.Thanks in advance for any advice offered!
- Next post in topic >>