Loading ...
Sorry, an error occurred while loading the content.

200164Re: Long time sending

Expand Messages
  • Brian Collins
    Jul 1, 2006
    • 0 Attachment
      Now if I can encourage you a bit as to why logs and config are helpful
      to us...

      > ...this problem is generating some 60MB of logs EACH DAY!

      One of my mail filters generates 750MB of logs each day. grep is your
      friend, and even a minimal knowledge of regular expressions can help you
      get exactly what you need.

      > I have changed locations and servers, going from a 350MHz G4 to a
      > 2.5GHz quad G5, from 128kB IDSL to 4MB ADSL. (Both are supposed to be
      > "commercial quality" connections, which in this case, simply means
      > more expensive.) "Should be a lot faster," I thought.

      Same mail filter I mentioned above is dual Athlon 900Mhz, 1GB RAM.
      100Mbps NIC, lots-o-bandwidth available to it. Protecting 23,000+ email
      accounts, 150+ email domains. Based on what I've learned from this
      list, that falls into the category of small-to-medium (more small than
      medium).

      > But sending from other machines on our network takes increasingly long
      > times after starting the server. It has been three days since a
      > restart, and it now takes about 20 seconds pause between hitting
      > "send" and having the message leave the queue.

      This is why config is helpful. If we know what your Postfix is doing,
      we (others more than myself, but I'm getting more experience) can help
      point to potential reasons. But your hardware seems fine.

      > Checking logs, I am getting 10-20 rejects PER MINUTE! All of them
      > appear to be legit rejects -- generally "User unknown in local
      > recipient table". Although I have had one or two people tell me their
      > legit email was bounced, we seem to be getting most (if not all) our
      > legit email. I suspect the bounces are a result of Inadvertent Denial
      > of Service from the heavy reject traffic.

      Same mail filter I mentioned above averages 120+ rejects per minute.
      During spam storms it has reached over 1,000 per minute. Keeps ticking
      right along.

      > I suspect that spammers are hitting me particularly hard because my
      > network segment is known to be a residential high-speed subnet,

      Makes sense. I see similar.

      > I am not doing any particular postfix spam prevention -- but neither
      > was I before, on my IDSL connection.

      Again, this is where configs come in handy.

      > I suspect that the volume of spam rejected is what is causing the
      > extremely slow legit relaying through my SMTP server from machines on
      > my subnet. I have also enabled a few discrete addresses for relaying
      > (via "mynetworks") for places where I frequent wireless networks.

      Eek.

      > So I'm thinking of doing one or more of the following:
      >
      >
      > 1) aggressive firewalling to block it BEFORE postfix sees it: CONS: a
      > lot of work, may block legit email, the spammers keep moving

      How would you determine what to block? What criteria will you use?

      > 2) start a second postfix instance on a different port, and use it
      > exclusively for outbound email: CONS: does nothing to reduce the huge
      > load on my incoming service

      Should not be necessary. Your hardware should be able to handle your
      mail load. Another Postfix instance wouldn't help this. Setting up a
      separate outbound server might; but again, you shouldn't have to do
      this.

      > 3) switch IAPs: CONS: a pain in the neck, and they're all resellers,
      > anyway, so I'd probably still end up on the same residential ADSL
      > subnet

      Again, not necessary. Get Postfix working right and you shouldn't need
      to do this

      > 4) Tweak main.cf somehow that I don't understand: CONS: if postfix
      > still has to look at it, it still slows it down, no?

      Not necessarily. It could be (and likely is) that your current
      configuration is exactly the problem. Which is, again, why it's good to
      see it.

      > 5) Throttle the number of smtpd process instances: CONS: may increase
      > Inadvertent Denial of Service to legit SMTP traffic.

      If we could see your configuration we could help you determine whether
      that's a good idea. I think I'm still running the defaults on the
      filter I mentioned above. :)

      > 6) Your Idea Here! Feel free to steer me to a URL, FAQ, or book.

      The Postfix doc is excellent. As well, there are numerous good howtos
      on the net (obviously Google is your friend). If you want a book, I
      recommend Ralf & Patrick's The Postfix Book.

      --Brian


      >
    • Show all 8 messages in this topic