Hi,

Thanks for the pointers.

I have looked around and it seems that a higher than default maxproc value is not unusual in large mailhub environments. I treated it as suspicious behaviour since we've been running the same setup for several years (default maxproc (100)) without any problems.

Below are the settings I have:

TRIPLET_TIME=4m

Cleanup is performed 01:30 AM every day.
30 1 * * * /usr/local/policyd/cleanup -c /usr/local/policyd/policyd.conf

mysql query:
mysql> SELECT _count,_datenew,_datelast FROM triplet WHERE _host='210.98.1' AND _from='[EMAIL PROTECTED]' AND _rcpt='[EMAIL PROTECTED]';
+--------+------------+------------+
| _count | _datenew   | _datelast  |
+--------+------------+------------+
|      0 | 1188547827 | 1188547827 |
+--------+------------+------------+
1 row in set (0.01 sec)

postfix main.cf:
smtpd_recipient_restrictions =
    reject_invalid_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unauth_pipelining,permit_mynetworks,reject_unauth_destination,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    #check_policy_service inet:127.0.0.1:2525
    check_policy_service inet:127.0.0.1:10031

We are running a DNS cache locally, and policyd is running on a dedicated database server handling all mail related stuff (Postfix transports/virtual users etc).

Thanks for the whitelisting tip - at the moment I am not whitelisting anyone but will soon do.

Thanks again for your pointers.

On 8/31/07, Rianto Wahyudi <[EMAIL PROTECTED]> wrote:
>
> How often do you run cleanup script ?
> How long do you set the triplet expiry ?
>
> Try selecting a triplet from MySQL and see how long does it take ..
>
> My other suggestion :
> - Make sure that policyd is called after recipient verification / after blacklist.
> - run DNS cache locally
> - run RBL locally and combine the zone file so postfix only do 1 lookup for various RBL.
> - Run policyd database on dedicated machine.
> - separate incoming mail and outgoing mail server.
>
> - Try using following DNS_Whitelist. It will help you cut down the number of triplet in your DB and also, allow almost 80% of email coming from proper mail server:
>
> +----------------------------+----------------------------------------------------+---------+
> | _whitelist                 | _description                                       | _expire |
> +----------------------------+----------------------------------------------------+---------+
> | bigfish.com                | # bigfish.com has smtp servers behind multiple ips |       0 |
> | %mail%                     | mail server                                        |       0 |
> | %smtp%                     | mail server                                        |       0 |
> | %.server-web.com           | webcentral web servers                             |       0 |
> | %.iserver.net              | Verio Webhosting                                   |       0 |
> | %.messagelabs.net          | MessageLabs                                        |       0 |
> | %.ev1servers.net           | # ev1 hosting company                              |       0 |
> | %hosting%                  | # big possibility of running proper mail server    |       0 |
> | %mx%.%                     | # big possibility of running proper mail server    |       0 |
> | %server%                   | # big possibility of running proper mail server    |       0 |
> | %post%                     | # big possibility of running proper mail server    |       0 |
> | %exchange%                 | # big possibility of running proper mail server    |       0 |
> | %return%                   | # big possibility of running proper mail server    |       0 |
> | ns1%                       | # big possibility of running proper mail server    |       0 |
> | ns2%                       | # big possibility of running proper mail server    |       0 |
> | %google.com                | # Google                                           |       0 |
> | %yahoo.com%                | # Yahoo                                            |       0 |
> | %hotmail.com%              | # Hotmail                                          |       0 |
> | %mta%                      | # likely to e a proper mail server                 |       0 |
> | %pobox.com                 | # pobox                                            |       0 |
> | %smarthost%                | # big possibility of running proper mail server    |       0 |
> | %relay%                    | # big possibility of running proper mail server    |       0 |
> | %proxy%                    | # big possibility of running proper mail server    |       0 |
> | %list%                     | big possibility of mailing list server             |       0 |
> | %bounce%                   | big possibility of mailing list server             |       0 |
> | %.shared.server-system.net | # ATO outgoing mail server                         |       0 |
> | %www%                      | # big possibility of running proper mail server    |       0 |
> | ns3%                       | # big possibility of running proper mail server    |       0 |
> | %.lnk.telstra.net          | # Telstra business IP address                      |       0 |
> | %gw1%                      | # big possibility of running proper mail server    |       0 |
> | %gw2%                      | # big possibility of running proper mail server    |       0 |
> | %gw-%                      | # big possibility of running proper mail server    |       0 |
> | %outbound%                 | # big possibility of running proper mail server    |       0 |
> | %filter%                   | # big possibility of running proper mail server    |       0 |
>
> Hope this helps.
>
> Regards,
> Rianto Wahyudi
>
> --- "Adela Putri Tirta Belek"
>
> Leon de Jager wrote:
> Hi,
>
> I have a setup of 6 MX servers, each running policyd and a database
> server with approximately 9 million records in the triplet table.
>
> Recently every now and then the MX's starts timing out when attempting
> smtp connections to it and on closer inspection I can see the default
> maxproc of postfix has been reached.
>
> Postfix config is pretty standard with virtual mailboxes etc, policyd
> has the following enabled;
>
> FAILSAFE
> DATABASE_KEEPALIVE
> DAEMON
> WHITELISTING
> BLACKLIST_HELO
> HELO_CHECK
> GREYLISTING
>
> I've set the maxproc to 500 for now and closely monitoring the server
> and database server.
>
> mx03:~# ps aux | grep smtpd | wc -l
> 297
>
> Has anyone here come across this behaviour? Any suggestions?
> Previously I had postfix-gld running and never came across this...
>
> Many thanks in advance.
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> policyd-users mailing list
> policyd-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/policyd-users
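
Added example, not part of the original thread and not policyd's own code: a way to check which clients a DNS whitelist like the one quoted above would exempt from greylisting before loading it. It assumes policyd compares the client's reverse-DNS name against each _whitelist value with SQL LIKE, as the % wildcards in the table suggest; the function names and sample hostnames are constructed for illustration.

```python
import re

# Subset of the DNS whitelist patterns quoted in the thread (SQL LIKE syntax).
WHITELIST = ["bigfish.com", "%mail%", "%smtp%", "%.messagelabs.net",
             "%mx%.%", "ns1%", "%google.com", "%relay%", "%gw-%"]

def like_to_regex(pattern):
    """Translate a SQL LIKE pattern (% = any run, _ = one char) to a regex."""
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")
        elif ch == "_":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    # LIKE matches the whole string; MySQL's default collations ignore case.
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE | re.DOTALL)

def matching_patterns(hostname, patterns=WHITELIST):
    """Return every whitelist pattern the reverse-DNS name satisfies."""
    return [p for p in patterns if like_to_regex(p).match(hostname)]

def is_unanchored(pattern):
    """True for patterns wrapped in % on both sides: the literal text may
    sit in any label under any parent domain, so the sender's own PTR
    record decides whether it matches."""
    return pattern.startswith("%") and pattern.endswith("%")

def audit(hostnames, patterns=WHITELIST):
    """Map hostname -> (matched patterns, matched only by unanchored ones)."""
    report = {}
    for host in hostnames:
        hits = matching_patterns(host, patterns)
        report[host] = (hits, bool(hits) and all(is_unanchored(p) for p in hits))
    return report

# Constructed reverse-DNS names, not taken from any real log.
SAMPLE_HOSTS = [
    "mail-out3.messagelabs.net",
    "mx1.example.org",
    "relay.customer-pool.example.net",
    "host-203-0-113-7.dsl.example.com",
]

if __name__ == "__main__":
    for host, (hits, substring_only) in audit(SAMPLE_HOSTS).items():
        print(f"{host:36} {hits} substring_only={substring_only}")
```

Hosts reported with substring_only=True skip greylisting purely because of text in a name the sending network controls, which is the trade-off to weigh against the smaller triplet table.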