Re: Ldap queries optimization
El 17/02/12 17:18, Viktor Dukhovni escribió: Some queries are repeated, this should have no significant impact. Focus on overalll performance rather than optimizing non-critical paths. Postfix is not monolithic, so cleanup(8) repeats some queries made by smtpd(8), and in smtpd(8) some queries are repeated because this makes the code more modular. This works well enough for a large number of Postfix sites, it will work for you too if you don't sweat the small stuff. I know it needs to repeat queries. But, in this case, why not implementing a cache for such maps? If I remember well in previous versions it did. And it did for other maps, like the one for address_verify_map. And I know I should focus on the real problem with my ldap server. But I would like postfix to make things better (and it doesn't mean it doesn't do well) -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica_(___V Tfo: 868887590 Fax: 86337
Re: Postfix unable to send email for specific domain
kshitij mali: I have postfix chroot i think [master.cf] Indeed. Both smtpd (server) and smtp (client) are chrooted. Your current problem is with the client. You may run into other problems with the server. but i want to know that the problem is with the resolution and sending email to specfic domain what its relate to chroot config ? Please follow my instructions. If the problem disappears, complain to your Postfix distributor for providing you with broken software. Wietse
Re: Ldap queries optimization
Angel L. Mateo: Some queries are repeated, this should have no significant impact. Focus on overalll performance rather than optimizing non-critical paths. Postfix is not monolithic, so cleanup(8) repeats some queries made by smtpd(8), and in smtpd(8) some queries are repeated because this makes the code more modular. This works well enough for a large number of Postfix sites, it will work for you too if you don't sweat the small stuff. I know it needs to repeat queries. But, in this case, why not implementing a cache for such maps? If I remember well in previous If you believe this is a problem, contribute a solution. Wietse
Re: Where should Feature-Wishes go?
Jean Bruenn: On Wed, 22 Feb 2012 07:06:28 -0500 (EST) Wietse Venema wie...@porcupine.org wrote: Jean Bruenn: Hello, I was wondering where feature-wishes should be written to, so I assume this maillinglist might be a good start. Might well be that other people asked for similar features already, a fast look through the archive didn't result in anything like that though. Discuss designs on the postfix-devel list, then contribute code. And if I can't code C/C++? Then you can write it as a Python/Ruby/Perl policy/Milter extension. For the past 8 years or so, major features have been implemented by adding programs, not by constantly tinkering with existing code. If you can't provide working code, then your efforts will remain an academic exercise. There is no shortage of ideas, but there is a shortage of cycles to ensure that new code does not negatively affect the qualities of the mail system, including its interface for legitimate users, its surface for attackers, and its worst-case performance characteristics. Wietse
Postfix 2.9.1 stable release
[An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-2.9.1.html] Postfix stable release 2.9.1 is available. This contains fixes that are already part of Postfix 2.10. * The change header Milter request could replace the wrong header. A long header name could match a shorter one, because a length check was done on the wrong string. Reported by Vladimir Vassiliev. This was introduced with Postfix 2.3. * sendmail -bs segfault, due to a missing guard statement after an smtpd_check_rewrite() call was moved closer to the command processor loop. Fix by Bartek Szady. This was introduced 20111219 near the end of the 2.9 development cycle. You can find the updated Postfix source code at the mirrors listed at http://www.postfix.org/. Wietse
Re: rewrite from: address
On 2/22/2012 6:49 AM, polloxx wrote: I also thought to use canonical_maps, but only Return-Path: is changed, not the From: Please see http://www.postfix.org/postconf.5.html#local_header_rewrite_clients -- Noel Jones
Re: rewrite from: address
Thanks Noël. On Wed, Feb 22, 2012 at 2:47 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 2/22/2012 6:49 AM, polloxx wrote: I also thought to use canonical_maps, but only Return-Path: is changed, not the From: Please see http://www.postfix.org/postconf.5.html#local_header_rewrite_clients -- Noel Jones
using postgres functions for domain tables
hi, i want to use postgres (8.3) plperl functions to provide virtual_mailbox_domains/relay_domains. is this possible? how do i make a postgres plperl function return a value/row only when certain conditions are met and otherwise return nothing/void/0 rows? right now my function returns 1 row even when i return undef. i know this is more of a postgres question, but i couldn't find an answer in postgres docs/lists yet. maybe someone here can help me out ;-) thx matthias
postfix schema
Hi All I want to setup Postfix+LDAP on Redhat EL6. The problem i am facing is Postfix schema file . The openldap version on EL6 is 2.4.19 and its support LDAP enabled schema file . I can't see Ldap enabled schema file on my server and unable to find it on net as well. Can you people guide me in right direction for this Thanks Regards Vishesh Kumar
Re: using postgres functions for domain tables
On Wed, Feb 22, 2012 at 05:30:02PM +0100, Matthias Leopold wrote: hi, i want to use postgres (8.3) plperl functions to provide virtual_mailbox_domains/relay_domains. is this possible? how do i make a postgres plperl function return a value/row only when certain conditions are met and otherwise return nothing/void/0 rows? right now my function returns 1 row even when i return undef. i know this is more of a postgres question, but i couldn't find an answer in postgres docs/lists yet. maybe someone here can help me out ;-) thx matthias The documentation for plperl states: ...to return an SQL null value from a PL/Perl function, return an undefined value... Did you try that? Cheers, Ken
mailq not showing the recipient
A few seconds ago I logged in on our mailbox server and found: postamt:~# mailq Queue ID- --Size-- ---Arrival Time --Sender/Recipient-- 3TtQjD72G4z2r0c* 1237 Wed Feb 22 18:31:28 s.sxxx...@charite.de -- 2 Kbytes in 1 Request. postamt:~# logout I didn't notice at first, but I then wondered - huh? Why is mailq only displaying so little information? Is this a freaky timing issue? The log: Feb 22 18:31:29 postamt postfix/smtpd[31110]: 3TtQjD72G4z2r0c: client=webmail.charite.de[141.42.206.38] Feb 22 18:31:29 postamt postfix/cleanup[27987]: 3TtQjD72G4z2r0c: message-id=04a9a765f941f3fb639ca825d2ac7899.squir...@webmail.charite.de Feb 22 18:31:29 postamt postfix/qmgr[8645]: 3TtQjD72G4z2r0c: from=s.sxxx...@charite.de, size=1237, nrcpt=2 (queue active) Feb 22 18:31:29 postamt postfix/discard[930]: 3TtQjD72G4z2r0c: to=fisc...@charite.de.invalid, relay=none, delay=0.15, delays=0.09/0.06/0/0, dsn=2.0.0, status=sent (Sie haben eine nicht vollqualifizierte Emailadresse verwendet) Feb 22 18:31:29 postamt postfix/smtp[19296]: 3TtQjD72G4z2r0c: to=rt.fisc...@charite.de, relay=mail2.charite.de[141.42.206.200]:25, delay=0.52, delays=0.09/0.01/0.06/0.37, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10026): 250 2.0.0 Ok: queued as 3TtQjF3BJLz1tLN) Feb 22 18:31:29 postamt postfix/qmgr[8645]: 3TtQjD72G4z2r0c: removed -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: Adding custom header
On Wed, February 22, 2012 1:20 am, Wietse Venema wrote: Jack Knowlton: Hi guys. My mailserver uses a relayhost which basically only signs messages with DKIM and delivers them. I would like to add a custom header, something like X-Abuse: if spam/uce email ab...@mydomain.com. How should I go about, without postfix adding the header twice (before and after dkimfilter-out)? See the discussion of receive_override_options in the FILTER_README documentation (http://www.postfix.org/FILTER_README.html). Wietse Thanks. It does seem to work :) Now I would like to add another header, right under the X-Abuse. How can I perform that? I tried with the same regex based on /^Subject: .*/, but it doesn't seem to be adding both.. -JK
Re: mailq not showing the recipient
* Ralf Hildebrandt ralf.hildebra...@charite.de: Feb 22 18:31:29 postamt postfix/cleanup[27987]: 3TtQjD72G4z2r0c: message-id=04a9a765f941f3fb639ca825d2ac7899.squir...@webmail.charite.de Feb 22 18:31:29 postamt postfix/qmgr[8645]: 3TtQjD72G4z2r0c: from=s.sxxx...@charite.de, size=1237, nrcpt=2 (queue active) Feb 22 18:31:29 postamt postfix/discard[930]: 3TtQjD72G4z2r0c: to=fisc...@charite.de.invalid, relay=none, delay=0.15, delays=0.09/0.06/0/0, dsn=2.0.0, status=sent (Sie haben eine nicht vollqualifizierte Emailadresse verwendet) Feb 22 18:31:29 postamt postfix/smtp[19296]: 3TtQjD72G4z2r0c: to=rt.fisc...@charite.de, relay=mail2.charite.de[141.42.206.200]:25, delay=0.52, delays=0.09/0.01/0.06/0.37, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10026): 250 2.0.0 Ok: queued as 3TtQjF3BJLz1tLN) Feb 22 18:31:29 postamt postfix/qmgr[8645]: 3TtQjD72G4z2r0c: removed This is postfix-2.10-20120218 -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: mailq not showing the recipient
Ralf Hildebrandt: A few seconds ago I logged in on our mailbox server and found: postamt:~# mailq Queue ID- --Size-- ---Arrival Time --Sender/Recipient-- 3TtQjD72G4z2r0c* 1237 Wed Feb 22 18:31:28 s.sxxx...@charite.de -- 2 Kbytes in 1 Request. postamt:~# logout I didn't notice at first, but I then wondered - huh? Why is mailq only displaying so little information? Is this a freaky timing issue? It shows only recipients that are still need to be delivered. Wietse
Re: mailq not showing the recipient
On Wed, Feb 22, 2012 at 06:37:04PM +0100, Ralf Hildebrandt wrote: postamt:~# mailq Queue ID- --Size-- ---Arrival Time --Sender/Recipient-- 3TtQjD72G4z2r0c* 1237 Wed Feb 22 18:31:28 s.sxxx...@charite.de I didn't notice at first, but I then wondered - huh? Why is mailq only displaying so little information? Is this a freaky timing issue? Not freaky, but yes timing, all the recipients were delivered, but the message had not yet been deleted from the active queue. The log: Feb 22 18:31:29 postamt postfix/smtpd[31110]: 3TtQjD72G4z2r0c: client=webmail.charite.de[141.42.206.38] Feb 22 18:31:29 postamt postfix/cleanup[27987]: 3TtQjD72G4z2r0c: message-id=04a9a765f941f3fb639ca825d2ac7899.squir...@webmail.charite.de Feb 22 18:31:29 postamt postfix/qmgr[8645]: 3TtQjD72G4z2r0c: from=s.sxxx...@charite.de, size=1237, nrcpt=2 (queue active) Feb 22 18:31:29 postamt postfix/discard[930]: 3TtQjD72G4z2r0c: to=fisc...@charite.de.invalid, relay=none, delay=0.15, delays=0.09/0.06/0/0, dsn=2.0.0, status=sent (Sie haben eine nicht vollqualifizierte Emailadresse verwendet) Feb 22 18:31:29 postamt postfix/smtp[19296]: 3TtQjD72G4z2r0c: to=rt.fisc...@charite.de, relay=mail2.charite.de[141.42.206.200]:25, delay=0.52, delays=0.09/0.01/0.06/0.37, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10026): 250 2.0.0 Ok: queued as 3TtQjF3BJLz1tLN) You ran mailq at approximately this juncture. Feb 22 18:31:29 postamt postfix/qmgr[8645]: 3TtQjD72G4z2r0c: removed -- Viktor.
Re: Adding custom header
Jack Knowlton: I would like to add a custom header, something like X-Abuse: if spam/uce email ab...@mydomain.com. How should I go about, without postfix adding the header twice (before and after dkimfilter-out)? Wietse See the discussion of receive_override_options in the FILTER_README documentation (http://www.postfix.org/FILTER_README.html). Jack Knowlton: Thanks. It does seem to work :) Now I would like to add another header, right under the X-Abuse. How can I perform that? I tried with the same regex based on /^Subject: .*/, but it doesn't seem to be adding both.. Postfix header/body_checks are not intended to provide a complete message content manipulation system. In this case, a Milter plug-in would be more appropriate. Applying header/body_checks etc. rules to output from header/body_checks rules would be unsafe. Wietse
Re: mailq not showing the recipient
* Wietse Venema wie...@porcupine.org: Ralf Hildebrandt: A few seconds ago I logged in on our mailbox server and found: postamt:~# mailq Queue ID- --Size-- ---Arrival Time --Sender/Recipient-- 3TtQjD72G4z2r0c* 1237 Wed Feb 22 18:31:28 s.sxxx...@charite.de -- 2 Kbytes in 1 Request. postamt:~# logout I didn't notice at first, but I then wondered - huh? Why is mailq only displaying so little information? Is this a freaky timing issue? It shows only recipients that are still need to be delivered. Thanks for the clarification. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: postfix schema
On 02/22/2012 05:46 PM, vishesh kumar wrote: Hi All I want to setup Postfix+LDAP on Redhat EL6. The problem i am facing is Postfix schema file . The openldap version on EL6 is 2.4.19 and its support LDAP enabled schema file . I can't see Ldap enabled schema file on my server and unable to find it on net as well. Can you people guide me in right direction for this Thanks Regards Vishesh Kumar There is no postfix schema. An LDAP map file contains the details required to perform an LDAP lookup, and interpret the results in a way postfix can use them. See http://www.postfix.org/ldap_table.5.html for details. -- J.
Delay before initial 220 greeting
Hi, I have a postfix-2.8.7 system with fedora15 and amavisd-new-2.6.6. Lately I have been experiencing significant delays before receiving the initial postfix 220 greeting from all remote hosts. I've verified DNS is working properly and can resolve hosts properly. It seems to be related to system load and doesn't occur as frequently when the server is less busy. I've experimented with various parameters but am really unsure where to start. I was unsure if it was somehow related to smtpd_client_connection_count_limit or some other limit parameter. My guess is it's related to not spawning enough smtp processes to accept the incoming connections? This issue occurs even when amavisd is otherwise idle, with a least a few processes idle. This server is a dual quad-core Xeon with 16GB. I've also enabled debug_peer_list and it really doesn't reveal anything helpful. I can see the initial postscreen connection, then a large delay, then immediately the match_hostname, match_hostaddr statements, and the 220 greeting: Feb 22 13:14:35 mail01 postfix/postscreen[25319]: CONNECT from [64.XXX.YYY.2]:48144 Feb 22 13:14:35 mail01 postfix/postscreen[25319]: WHITELISTED [64.XXX.YYY.2]:48144 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: connect from rogue.example.com[64.XXX.YYY.2] Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostname: rogue.example.com ~? 127.0.0.0/8 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostaddr: 64.XXX.YYY.2 ~? 127.0.0.0/8 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostname: rogue.example.com ~? 192.168.1.0/24 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostaddr: 64.XXX.YYY.2 ~? 192.168.1.0/24 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostname: rogue.example.com ~? 192.168.6.0/24 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostaddr: 64.XXX.YYY.2 ~? 192.168.6.0/24 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostname: rogue.example.com ~? 68.XXX.YYY.40/29 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostaddr: 64.XXX.YYY.2 ~? 68.XXX.YYY.40/29 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostname: rogue.example.com ~? 64.XXX.YYY.0/27 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: match_hostaddr: 64.XXX.YYY.2 ~? 64.XXX.YYY.0/27 Feb 22 13:16:31 mail01 postfix/smtpd[3184]: rogue.example.com[64.XXX.YYY.2]: 220 mail01.example.com ESMTP Postfix I've included my postfinger output below. I also have another issue that I'm unsure is related. I've had to create a client_checks_special and sender_checks_special maps, in addition to my normal sender and client maps, because something in my smtpd_recipient_restrictions was rejecting my exceptions in those maps before reaching my other sender_checks and client_checks maps. postfinger - postfix configuration on Wed Feb 22 13:03:09 EST 2012 version: 1.30 --System Parameters-- mail_version = 2.8.7 hostname = mail01.example.com uname = Linux mail01.example.com 2.6.42.3-2.fc15.x86_64 #1 SMP Thu Feb 9 01:42:06 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux --Packaging information-- looks like this postfix comes from RPM package: postfix-2.8.7-1.fc15.x86_64 --main.cf non-default parameters-- alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases allow_mail_to_files = alias,forward always_bcc = bcc-user biff = no body_checks = regexp:/etc/postfix/body_checks.pcre content_filter = smtp-amavis:[127.0.0.1]:10024 debug_peer_list = 64.XXX.YYY.0/27 default_process_limit = 200 delay_warning_time = 4h disable_vrfy_command = yes header_checks = pcre:/etc/postfix/header_checks.pcre pcre:/etc/postfix/header_checks-jimsun.pcre initial_destination_concurrency = 20 mailbox_command = /usr/bin/procmail mailbox_size_limit = 20 manpage_directory = /usr/share/man maximal_queue_lifetime = 2d message_size_limit = 13312000 mime_header_checks = pcre:/etc/postfix/mime_header_checks mydestination = $myhostname, localhost.$mydomain mynetworks = 127.0.0.0/8, 192.168.1.0/24, 192.168.6.0/24, 68.XXX.YYY.40/29, 64.XXX.YYY.0/27, 206.XXX.YYY.45/32, 167.XXX.YYY.192/26, 74.XXX.YYY.160/27, 67.XXX.YYY.224/28, 160.XXX.YYY.3 postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr postscreen_blacklist_action = enforce postscreen_dnsbl_action = enforce postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1 b.barracudacentral.org*1 postscreen_dnsbl_threshold = 2 postscreen_greet_action = enforce rbl_reply_maps = ${stress?hash:/etc/postfix/rbl_reply_maps} readme_directory = /usr/share/doc/postfix-2.8.7/README_FILES relay_domains = $mydestination, $transport_maps, example.com, cs.example.com, hotel.example.com, example.com sample_directory = /usr/share/doc/postfix-2.8.7/samples smtpd_recipient_restrictions = reject_non_fqdn_recipient, check_client_access hash:/etc/postfix/client_checks_special,check_sender_access hash:/etc/postfix/sender_checks_special,reject_non_fqdn_sender, reject_unlisted_recipient, permit_mynetworks, reject_unauth_destination,
Re: Delay before initial 220 greeting
Alex: Hi, I have a postfix-2.8.7 system with fedora15 and amavisd-new-2.6.6. Lately I have been experiencing significant delays before receiving the initial postfix 220 greeting from all remote hosts. I've verified What is the output from: grep warning: /var/log/maillog Then you may want to read this webpage: http://www.postfix.org/STRESS_README.html Wietse
Re: postfix schema
On 22/2/2012 8:13 μμ, Jeroen Geilman wrote: There is no postfix schema. Indeed, there is no official Postfix schema. However, it will be interesting to read the following threads: http://www.openldap.org/lists/openldap-technical/201105/msg00033.html and http://www.openldap.org/lists/openldap-technical/201202/msg00147.html In my implementation we use the former for virtual aliases AND user aliases, while we use mail,uid attributes of people entries for mail and mailboxes (standard inetOrgPerson schema). This is the simplest solution (described in the former thread). I am now planning a change, based on my thoughts mentioned in the latter thread. When finished, the Postfix schema mentioned in the former thread, will be used only for virtual aliases, while the rest will use a schema like the one sketched in the latter thread. I wish there was a standardized/optimized schema for this use, but I am afraid there is not. Yet, if you research based on the above info, you'll find your way through. Best regards, Nick smime.p7s Description: S/MIME Cryptographic Signature
postscreen dnsbl logging
I have changed postscreen DNSBL reject logging, so that it now gives credit to the DNSBL with the largest weight, instead of the DNSBL that replies first. I think that the result resembles more what some people expected to see. Wietse Before: dnsblog[75702]: addr 124.42.204.113 listed by domain b.barracudacentral.org as 127.0.0.2 dnsblog[75702]: addr 124.42.204.113 listed by domain zen.spamhaus.org as 127.0.0.4 postscreen[75699]: DNSBL rank 3 for [124.42.204.113]:3566 postscreen[75699]: NOQUEUE: reject: RCPT from [124.42.204.113]:3566: 550 5.7.1 Service unavailable; client [124.42.204.113] blocked using b.barracudacentral.org; ... After: dnsblog[99956]: addr 124.42.204.113 listed by domain b.barracudacentral.org as 127.0.0.2 dnsblog[99937]: addr 124.42.204.113 listed by domain zen.spamhaus.org as 127.0.0.4 postscreen[99920]: DNSBL rank 3 for [124.42.204.113]:2446 postscreen[99920]: NOQUEUE: reject: RCPT from [124.42.204.113]:2446: 550 5.7.1 Service unavailable; client [124.42.204.113] blocked using zen.spamhaus.org; ...
Re: Delay before initial 220 greeting
On 2/22/2012 12:33 PM, Wietse Venema wrote: Alex: Hi, I have a postfix-2.8.7 system with fedora15 and amavisd-new-2.6.6. Lately I have been experiencing significant delays before receiving the initial postfix 220 greeting from all remote hosts. I've verified What is the output from: grep warning: /var/log/maillog Then you may want to read this webpage: http://www.postfix.org/STRESS_README.html You've already got a default_process_limit of 200 which should be more than plenty for a very large inbound stream, assuming everything else is in order. In addition to the recommendations in the STRESS_README WRT decreasing time spent per connection by each smtpd, I'd add that if you're not already running a local caching DNS resolver on your Postfix host, you should implement such. It could shave up to a second off the smtpd processing time for each connection, which is significant for a loaded server with 200 smtpds experiencing this problem. On 2/22/2012 12:23 PM, Alex wrote: postscreen_blacklist_action = enforce postscreen_dnsbl_action = enforce postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1 b.barracudacentral.org*1 postscreen_dnsbl_threshold = 2 reject_rbl_client zen.spamhaus.org, reject_rbl_client psbl.surriel.com You're rejecting based on zen twice, once in Postscreen and once in smtpd. May as well remove the smtpd entry. And you may as well move psbl into postscreen. If it's going to kill a connection you may as well do it before tying up an smtpd process, which is currently a problem. You're currently doing a combined 5 dnsbl lookups per connection plus two for the forward and reverse names, for a total of 7 per connection. This may likely be part of your current problem, especially if using a high latency external resolver (ISP for instance). Four external dnsbl queries per connect may be a bit excessive for a host under this kind of load. In addition to a local caching resolver, consider using a local rbldnsd instance for serving the spamcop and psbl zones, and zen if you're a paying customer. This will cut total external dns queries down to 4 or 3 from your current 7. Along with a local resolver, this should pretty much eliminate dns latency as a factor in tying up smtpd processes. If your current average dns latency is 10ms you're looking at 0.7 seconds of time in smtpd just for dns lookups. If it's 30ms it's 2.1 seconds. That's peanuts on a lightly loaded MX, but more than significant on a host with 200 smtpds that can't seem to keep up with the load currently. -- Stan
Re: using postgres functions for domain tables
On 23/02/12 05:30, Matthias Leopold wrote: how do i make a postgres plperl function return a value/row only when certain conditions are met and otherwise return nothing/void/0 rows? right now my function returns 1 row even when i return undef. Have you tried using your function in the WHERE clause of your SQL query? Peter