Hi,

Thanks for the pointers.

I have looked around and it seems that a higher than default maxproc
value is not unusual in large mailhub environments.

I treated it as suspicious behaviour since we've been running the same
setup for several years (default maxproc (100)) without any problems.


Below are the settings I have:

TRIPLET_TIME=4m

Cleanup is performed 01:30 AM every day.

30 1 * * * /usr/local/policyd/cleanup -c /usr/local/policyd/policyd.conf

mysql query:

mysql> SELECT _count,_datenew,_datelast FROM triplet WHERE
_host='210.98.1' AND
_from='[EMAIL PROTECTED]' AND
_rcpt='[EMAIL PROTECTED]';
+--------+------------+------------+
| _count | _datenew   | _datelast  |
+--------+------------+------------+
|      0 | 1188547827 | 1188547827 |
+--------+------------+------------+
1 row in set (0.01 sec)

postfix main.cf:

smtpd_recipient_restrictions = reject_invalid_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unauth_pipelining,permit_mynetworks,reject_unauth_destination,
        reject_rbl_client sbl.spamhaus.org,
        reject_rbl_client bl.spamcop.net,
        #check_policy_service inet:127.0.0.1:2525
        check_policy_service inet:127.0.0.1:10031

We are running a DNS cache locally, and policyd is running on a
dedicated database server handling all mail related stuff (Postfix
transports/virtual users etc).

Thanks for the whitelisting tip - at the moment I am not whitelisting
anyone but will soon do.

Thanks again for your pointers.

On 8/31/07, Rianto Wahyudi <[EMAIL PROTECTED]> wrote:
>
>  How often do you run the cleanup script?
>  How long do you set the triplet expiry?
>
>  Try selecting a triplet from MySQL and see how long it takes.
>
>  My other suggestions:
>  - Make sure that policyd is called after recipient verification / after
> blacklist.
>  - Run a DNS cache locally.
>  - Run RBL locally and combine the zone files so postfix only does 1 lookup for
> various RBLs.
>  - Run the policyd database on a dedicated machine.
>  - Separate incoming mail and outgoing mail servers.
>
>  - Try using the following DNS_Whitelist. It will help you cut down the number
> of triplets in your DB and also allow almost 80% of email coming from
> proper mail servers:
> +----------------------------+-------------------------------------------------------------+---------+
> | _whitelist                 | _description                                                | _expire |
> +----------------------------+-------------------------------------------------------------+---------+
> | bigfish.com                | # bigfish.com has smtp servers behind multiple ips          |       0 |
> | %mail%                     | mail server                                                 |       0 |
> | %smtp%                     | mail server                                                 |       0 |
> | %.server-web.com           | webcentral web servers                                      |       0 |
> | %.iserver.net              | Verio Webhosting                                            |       0 |
> | %.messagelabs.net          | MessageLabs                                                 |       0 |
> | %.ev1servers.net           | # ev1 hosting company                                       |       0 |
> | %hosting%                  | # big possibility of running proper mail server             |       0 |
> | %mx%.%                     | # big possibility of running proper mail server             |       0 |
> | %server%                   | # big possibility of running proper mail server             |       0 |
> | %post%                     | # big possibility of running proper mail server             |       0 |
> | %exchange%                 | # big possibility of running proper mail server             |       0 |
> | %return%                   | # big possibility of running proper mail server             |       0 |
> | ns1%                       | # big possibility of running proper mail server             |       0 |
> | ns2%                       | # big possibility of running proper mail server             |       0 |
> | %google.com                | # Google                                                    |       0 |
> | %yahoo.com%                | # Yahoo                                                     |       0 |
> | %hotmail.com%              | # Hotmail                                                   |       0 |
> | %mta%                      |  # likely to e a proper mail server                         |       0 |
> | %pobox.com                 |  # pobox                                                    |       0 |
> | %smarthost%                |  # big possibility of running proper mail server            |       0 |
> | %relay%                    |  # big possibility of running proper mail server            |       0 |
> | %proxy%                    |  # big possibility of running proper mail server            |       0 |
> | %list%                     | big possibility of mailing list server                      |       0 |
> | %bounce%                   | big possibility of mailing list server                      |       0 |
> | %.shared.server-system.net | # ATO outgoing mail server                                  |       0 |
> | %www%                      | # big possibility of running proper mail server             |       0 |
> | ns3%                       | # big possibility of running proper mail server             |       0 |
> | %.lnk.telstra.net          | # Telstra business IP address                               |       0 |
> | %gw1%                      | # big possibility of running proper mail server             |       0 |
> | %gw2%                      | # big possibility of running proper mail server             |       0 |
> | %gw-%                      | # big possibility of running proper mail server             |       0 |
> | %outbound%                 | # big possibility of running proper mail server             |       0 |
> | %filter%                   | # big possibility of running proper mail server             |       0 |
>
>
>  Hope this helps.
>
>  Regards,
>  Rianto Wahyudi
>
>
>  --- "Adela Putri Tirta Belek"
>
>
>
>
>
>
>  Leon de Jager wrote:
>  Hi,
>
> I have a setup of 6 MX servers, each running policyd and a database
> server with approximately 9 million records in the triplet table.
>
> Recently, every now and then the MXs start timing out when attempting
> SMTP connections to them, and on closer inspection I can see the default
> maxproc of postfix has been reached.
>
> Postfix config is pretty standard with virtual mailboxes etc, policyd
> has the following enabled;
>
> FAILSAFE
> DATABASE_KEEPALIVE
> DAEMON
> WHITELISTING
> BLACKLIST_HELO
> HELO_CHECK
> GREYLISTING
>
> I've set the maxproc to 500 for now and am closely monitoring the server
> and database server.
>
> mx03:~# ps aux | grep smtpd | wc -l
> 297
>
> Has anyone here come across this behaviour? Any suggestions?
> Previously I had postfix-gld running and never came across this...
>
> Many thanks in advance.
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> policyd-users mailing list
> policyd-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/policyd-users
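The DNS whitelist quoted in this thread exempts clients from greylisting by reverse-DNS name, so it is worth checking how much each pattern actually covers before loading it. The following is an added example, not part of the thread or of policyd's code; it assumes the `_whitelist` values are compared against the client hostname with SQL `LIKE` semantics (`%` matches any run of characters, `_` one character), and the client hostnames are constructed for illustration.

```python
import re

# A subset of the _whitelist patterns quoted in the thread.
PATTERNS = ["bigfish.com", "%mail%", "%smtp%", "%.messagelabs.net",
            "%mx%.%", "ns1%", "%google.com", "%www%"]

# Constructed client hostnames, as a policy service might receive them.
SAMPLE_CLIENTS = [
    "mail.example.org",
    "mx1.example.com",
    "out1.messagelabs.net",
    "bigfish.com",
    "o3.bigfish.com",
    "webmail-203-0-113-9.dsl.example.net",
    "host-203-0-113-7.dynamic.example.net",
    "unknown",  # client with no usable reverse DNS
]

def like_to_regex(pattern):
    """Translate a SQL LIKE pattern into an anchored, case-insensitive regex."""
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")      # any run of characters, including none
        elif ch == "_":
            parts.append(".")       # exactly one character
        else:
            parts.append(re.escape(ch))
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE | re.DOTALL)

def audit(patterns, clients):
    """Map each client hostname to the list of patterns that would exempt it."""
    compiled = [(p, like_to_regex(p)) for p in patterns]
    return {c: [p for p, rx in compiled if rx.match(c)] for c in clients}

def exempt_fraction(hits):
    """Share of clients that at least one pattern exempts from greylisting."""
    return sum(1 for matched in hits.values() if matched) / len(hits)

if __name__ == "__main__":
    hits = audit(PATTERNS, SAMPLE_CLIENTS)
    for client, matched in hits.items():
        print(f"{client:40} {', '.join(matched) or '(greylisted)'}")
    print(f"exempt: {exempt_fraction(hits):.1%}")
```

Under that assumption, an entry without wildcards such as `bigfish.com` matches only that exact name, while substring entries such as `%mail%` also exempt any client whose PTR record happens to contain the word.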