Package: postfix Version: 3.7.10-0+deb12u1 Severity: wishlist Tags: upstream X-Debbugs-Cc: debbug.post...@sideload.33mail.com
When an outbound smtp command fails, Postfix retries the command *hundreds* of times per second. This was discovered in the course of troubleshooting bug 1069949: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069949 An smtp wrapper script was created which was impacted by a Postfix-unrelated defect. The defect caused an instant failure of the smtp call. The wrapper script logged its own actions in a separate file. Each line of the wrapper script log began with a timestamp like this: 2024-04-27T13:10:30 That exact same timestamp appeared on ~1200 lines in the log file before advancing to the next second. Each execution yields five lines, so the smpt program was apparently called ~240 times per second on very old hardware. A modern machine would have run many times more; probably thousands of times per second. Strangely, /var/log/mail.log only showed output that was timestamped once per second. That is still excessive, but it also raises the question: why is there just 1 line in /var/log/mail.log for every 240 smtp executions? Is result output being lost, or is the logger doing something extra smart and saying “the hundreds of reattempts in the past second all have the same error output, thus we only need to print it once per second”? Either way, this could use improvement. Retrying outbound smtp 240 times per second is crazy. Some tuning parameters are provided¹ but they seem to miss this egress smtp scenario. Ideally the frequency of attempts should be non-linear. A sensible schedule would be something like this: 1st second: 2 attempts 2nd second: 1 attempt 3rd second: 1 attempt 4th second: 0 attempts 5th second: 1 attempt 10th second: 1 attempt Then try once again 20 seconds later, etc, until perhaps going linear on a once per 10 min basis. Assuming the Postfix logger is cleverly consolidating repetitious error messages, that’s great! But it should not conceal the count from the user. This line: 2024-04-25T13:10:28.533021+02:00 MannysHost postfix/smtp[*]: fatal: socket: Function not implemented would be written better as: 2024-04-25T13:10:28.533021+02:00 MannysHost postfix/smtp[*] (240 identical output instances) → fatal: socket: Function not implemented There is also some confusion by the way the docs are written. The section title “Slowing down SMTP clients that make many errors” is ambiguous and implies the case above (the need to control egress SMTP client transmissions). But it’s actually talking about a control on the smtpd server to limit *ingress* traffic from external SMTP clients. ¹ file:///usr/share/doc/postfix/html/TUNING_README.html#slowdown -- System Information: Debian Release: 12.5 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-28-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages postfix depends on: ii adduser 3.134 ii cpio 2.13+dfsg-7.1 ii debconf [debconf-2.0] 1.5.82 ii dpkg 1.21.22 ii e2fsprogs 1.47.0-2 ii init-system-helpers 1.65.2 ii libc6 2.36-9+deb12u6 ii libdb5.3 5.3.28+dfsg2-1 ii libicu72 72.1-3 ii libnsl2 1.3.0-2 ii libsasl2-2 2.1.28+dfsg-10 ii libssl3 3.0.11-1~deb12u2 ii netbase 6.4 ii ssl-cert 1.1.2 Versions of packages postfix recommends: ii ca-certificates 20230311 ii python3 3.11.2-1+b1 Versions of packages postfix suggests: ii emacs-gtk [mail-reader] 1:28.2+1-15 ii libsasl2-modules 2.1.28+dfsg-10 ii mailutils [mail-reader] 1:3.15-4 ii neomutt [mail-reader] 20220429+dfsg1-4.1 pn postfix-cdb <none> ii postfix-doc 3.7.10-0+deb12u1 pn postfix-ldap <none> pn postfix-lmdb <none> pn postfix-mta-sts-resolver <none> pn postfix-mysql <none> ii postfix-pcre 3.7.10-0+deb12u1 pn postfix-pgsql <none> pn postfix-sqlite <none> ii procmail 3.22-27 ii systemd-resolved [resolvconf] 252.22-1~deb12u1 ii ufw 0.36.2-1 -- Configuration Files: /etc/postfix/post-install changed [not included] /etc/postfix/postfix-files changed [not included] /etc/postfix/postfix-script [Errno 2] No such file or directory: '/etc/postfix/postfix-script' -- debconf information: postfix/mydomain_warning: postfix/recipient_delim: + postfix/mailname: /etc/mailname postfix/sqlite_warning: postfix/main_cf_conversion_warning: true postfix/bad_recipient_delimiter: postfix/tlsmgr_upgrade_warning: postfix/destinations: postfix/chattr: false * postfix/main_mailer_type: No configuration postfix/kernel_version_warning: postfix/mynetworks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 postfix/retry_upgrade_warning: postfix/protocols: postfix/root_address: postfix/lmtp_retired_warning: true postfix/newaliases: false postfix/rfc1035_violation: false postfix/procmail: postfix/compat_conversion_warning: true postfix/relay_restrictions_warning: postfix/dynamicmaps_conversion_warning: postfix/relayhost: postfix/mailbox_limit: 0 postfix/not_configured:
