> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Micheal Espinola Jr > Sent: Monday, August 06, 2007 5:10 PM > To: Questions and Answers for users of ASSP Anti-Spam SMTP Proxy > Subject: Re: [Assp-user] SPAM-WARN:Re: ASSP 1.3.3 Unresponsive > > Michael Thomas - Mathbox wrote: > > It is an absolute possiblity. If you are using unmodified > Windows DNS, > > NET:DNS will tie up CPU resources waiting for Windows DNS > to time out on > > non-existent/very slow name servers during MX/A/PTR checks. > On the otherhand > > RBLs normally respond in a resonable fashion, so RBL checks > are rarely an > > issue. > > "unmodified" ? What do you mean? >
Windows DNS Server's recursion timeout is 21 seconds. Its recursion retry is 3. So, counting the original attempt and up to 3 retries, that is 4 * 21 = 81 seconds before the DNS server reports a failure. (Does anyone know if NET:DNS performs retries?) If NET:DNS did one retry, then NET:DNS could go away from 0 to 160 seconds. So, I set my DNS recursion timeout to 5 seconds and recursion retries to 1. Restart the DNS Server service. Now ASSP rarely hangs. If it does, it is never for more that 20 seconds. A vast improvement. Here is the registry path to the DNS Server parameters: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\Recursio nTimeout HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\Recursio nRetry Both values are DWORD. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
