200164Re: Long time sending
- Jul 1, 2006Now if I can encourage you a bit as to why logs and config are helpful
> ...this problem is generating some 60MB of logs EACH DAY!One of my mail filters generates 750MB of logs each day. grep is your
friend, and even a minimal knowledge of regular expressions can help you
get exactly what you need.
> I have changed locations and servers, going from a 350MHz G4 to aSame mail filter I mentioned above is dual Athlon 900Mhz, 1GB RAM.
> 2.5GHz quad G5, from 128kB IDSL to 4MB ADSL. (Both are supposed to be
> "commercial quality" connections, which in this case, simply means
> more expensive.) "Should be a lot faster," I thought.
100Mbps NIC, lots-o-bandwidth available to it. Protecting 23,000+ email
accounts, 150+ email domains. Based on what I've learned from this
list, that falls into the category of small-to-medium (more small than
> But sending from other machines on our network takes increasingly longThis is why config is helpful. If we know what your Postfix is doing,
> times after starting the server. It has been three days since a
> restart, and it now takes about 20 seconds pause between hitting
> "send" and having the message leave the queue.
we (others more than myself, but I'm getting more experience) can help
point to potential reasons. But your hardware seems fine.
> Checking logs, I am getting 10-20 rejects PER MINUTE! All of themSame mail filter I mentioned above averages 120+ rejects per minute.
> appear to be legit rejects -- generally "User unknown in local
> recipient table". Although I have had one or two people tell me their
> legit email was bounced, we seem to be getting most (if not all) our
> legit email. I suspect the bounces are a result of Inadvertent Denial
> of Service from the heavy reject traffic.
During spam storms it has reached over 1,000 per minute. Keeps ticking
> I suspect that spammers are hitting me particularly hard because myMakes sense. I see similar.
> network segment is known to be a residential high-speed subnet,
> I am not doing any particular postfix spam prevention -- but neitherAgain, this is where configs come in handy.
> was I before, on my IDSL connection.
> I suspect that the volume of spam rejected is what is causing theEek.
> extremely slow legit relaying through my SMTP server from machines on
> my subnet. I have also enabled a few discrete addresses for relaying
> (via "mynetworks") for places where I frequent wireless networks.
> So I'm thinking of doing one or more of the following:How would you determine what to block? What criteria will you use?
> 1) aggressive firewalling to block it BEFORE postfix sees it: CONS: a
> lot of work, may block legit email, the spammers keep moving
> 2) start a second postfix instance on a different port, and use itShould not be necessary. Your hardware should be able to handle your
> exclusively for outbound email: CONS: does nothing to reduce the huge
> load on my incoming service
mail load. Another Postfix instance wouldn't help this. Setting up a
separate outbound server might; but again, you shouldn't have to do
> 3) switch IAPs: CONS: a pain in the neck, and they're all resellers,Again, not necessary. Get Postfix working right and you shouldn't need
> anyway, so I'd probably still end up on the same residential ADSL
to do this
> 4) Tweak main.cf somehow that I don't understand: CONS: if postfixNot necessarily. It could be (and likely is) that your current
> still has to look at it, it still slows it down, no?
configuration is exactly the problem. Which is, again, why it's good to
> 5) Throttle the number of smtpd process instances: CONS: may increaseIf we could see your configuration we could help you determine whether
> Inadvertent Denial of Service to legit SMTP traffic.
that's a good idea. I think I'm still running the defaults on the
filter I mentioned above. :)
> 6) Your Idea Here! Feel free to steer me to a URL, FAQ, or book.The Postfix doc is excellent. As well, there are numerous good howtos
on the net (obviously Google is your friend). If you want a book, I
recommend Ralf & Patrick's The Postfix Book.
- << Previous post in topic Next post in topic >>