Re: [Mimedefang] Occasional crashes - out of memory
Dirk Mueller wrote: On Wednesday, 17. May 2006 11:46, Jim Hatfield wrote: The machine has 1Gb of swap space and all it does now is mail You seem to have ulimits set at around 32MB. Hmm, I didn't think so. It's FreeBSD box, the /etc/login.conf is stock: :datasize=unlimited:\ :stacksize=unlimited:\ :memorylocked=unlimited:\ :memoryuse=unlimited:\ :filesize=unlimited:\ :coredumpsize=unlimited:\ :openfiles=unlimited:\ :maxproc=unlimited:\ :sbsize=unlimited:\ :vmemoryuse=unlimited:\ ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Occasional crashes - out of memory
Dirk Mueller wrote: On Wednesday, 17. May 2006 11:46, Jim Hatfield wrote: The machine has 1Gb of swap space and all it does now is mail You seem to have ulimits set at around 32MB. Hmm, I didn't think so. It's FreeBSD box, the /etc/login.conf is stock: :datasize=unlimited:\ :stacksize=unlimited:\ :memorylocked=unlimited:\ :memoryuse=unlimited:\ :filesize=unlimited:\ :coredumpsize=unlimited:\ :openfiles=unlimited:\ :maxproc=unlimited:\ :sbsize=unlimited:\ :vmemoryuse=unlimited:\ Then you have implemented the limits in MIMEDefang - man mimedefang-multiplexor : -R kbytes Limits the resident-set size of the slave filter processes to kbytes kilobytes. This limit is not supported on all operating systems; it is known to work on Linux. -M kbytes Limits the total memory space of slave filter processes to kbytes kilobytes. This limit is supported on all operating systems which support the setrlimit(2) system call. This should include most modern UNIX systems. We recommend that you monitor your slave filter processes and get a feel for how much memory they use. You should then limit the memory to two or three times the worst-case that you have observed. This can help mitigate denial-of-service attacks which use complicated MIME messages to force mimedefang.pl to consume lots of memory. This is usually set in the init.d script or in mimedefang.conf, e.g. # Limit slave processes' resident-set size to this many kilobytes. Default # is unlimited. # MX_MAX_RSS=1 # Limit total size of slave processes' memory space to this many kilobytes. # Default is unlimited. # MX_MAX_AS=3 If you are accepting large messages, then this will need to be tweaked considerably higher - the old maxim of know your traffic and build your system and policy based on this knowledge. Remember that your slave will need enough memory to hold the message in memory as a MIME::Entity object, and will also grab some more for virus scanning and SpamAssassin even if you then decide not to run SA on larger messages, so don't assume that a 5Mb message needs 5Mb of memory... Best Wishes, Paul. -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.392 / Virus Database: 268.6.0/342 - Release Date: 17/05/2006 ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Occasional crashes - out of memory
Paul Murphy wrote: Dirk Mueller wrote: On Wednesday, 17. May 2006 11:46, Jim Hatfield wrote: The machine has 1Gb of swap space and all it does now is mail You seem to have ulimits set at around 32MB. Hmm, I didn't think so. It's FreeBSD box, the /etc/login.conf is stock: Then you have implemented the limits in MIMEDefang - This is usually set in the init.d script or in mimedefang.conf, e.g. Bingo - thanks very much. The FreeBSD equivalent of /etc/init.d is /usr/local/etc/rc.d/ and mimedefang.sh has: # Limit slave processes' resident-set size to this many kilobytes. Default # is unlimited. MX_MAX_RSS=1 # Limit total size of slave processes' memory space to this many kilobytes. # Default is unlimited. MX_MAX_AS=3 So it's the FreeBSD-isation which is the culprit. Jim ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] patch for syslog print in copy_or_link
Hi David, no problem, was just an idea. :) Thanks Oliver David F. Skoll wrote: I won't integrate the patch, because in almost any MIMEDefang installation, link() will either always succeed (meaning no log message) or always fail (meaning lots and lots and lots of useless log messages.) -- Oliver Schulze L. [EMAIL PROTECTED] ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
