From: Warren Flemmer (no email)
Date: Fri Mar 01 2002 - 07:42:02 EST
Thanks Ralf
Ralf Hildebrandt wrote:
>On Fri, Mar 01, 2002 at 10:40:50AM +0200, Warren Flemmer wrote:
>
>>Greetings
>>
>>I have been having complaints about the slow responses from a postfix
>>server, but only from dial-up users.
>>
>
>Sound like dial-ups where the IP doesn't resolve back to a name. Check
>the logs. Do these guys have "unknown" as client name?
>
Just in case I did
tail -1000 /var/log/maillog | grep unknown
The only unknowns were IPs that are not dial-up users (outside our network).
>
>>read the FAQs, which implies that their is a lookup problem. I have
>>tested both forward and reverse lookups for the ip used by the dial-up
>>users and they are good (except one that I left out so I could compare).
>>
>
>OK.
>
>>I have also setup the hosts file for the ip's used by the dial-up
>>servers (users ips), but yet the response of postfix for the dialup
>>users is bad. I have left the default search order for host file and DNS
>>(host first then DNS). Lan users do not have an issue, the response is
>>great. The server also has cyrus-imap which responds like a dream to all
>>users (so I don't think its a resource issue).
>>
>
>Does cyrus perform reverse lookups?
>
The logs imply that it does, both the ip and the FQDN are pressent in
the logs.
>
>>The problem does not seem
>>to be the transfer of the actual data but rather the response to
>>commands that seems to have large delays (3 to 20 seconds, and on some
>>occasions going close to a minute or more). Cyrus on the other hand
>>seems almost instantaneous, even for dial-up users.
>>
>
>Obviously it does not lookups. Courier doesn't do lookups either.
>
>>I run smtpd from xinetd and it is a RH7.1 box. postfix-20010228-pl03. I
>>
> ^^^^^^^^^^^^^^^^^
>Arrrgh. Why that?
>
>>have increased 'nice' to -10 in xinetd which did help a little. I do not
>>want to remove smtp from xinetd as it offers some other features that I
>>find very useful.
>>
>
>Like? Limiting how many concurrent connections are accepted from one
>machine?
>
Exactly. If postfix did this I would have no significant reason for xinetd.
>
>>I am also making use of mysql tables for most things.
>>
>
>Is the mysql server fast enough too keep up?
>
Its on the same server, with high ideal %. Is there more I need to check
here.
>
>>I am also using amavis perl for anti-virus. Server load is very low,
>>about 300 users. Most of the time the CPU is at 99 percent ideal.
>>
>
>OK.
>
>
>>Any ideas of where to go from here would be appreciated.
>>
>
>Show some logs or better still: postconf -n output and a pflogsumm.pl
>log summary with smtpd_stats.
>
[root at unicorn pz]# postconf -n
alias_maps = mysql:/etc/postfix/db/mysql-aliases.cf
body_checks = regexp:$config_directory/checks/body_check
command_directory = /usr/sbin
content_filter = vscan:
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:$config_directory/checks/header_check
local_recipient_maps = mysql:/etc/postfix/db/mysql-recipient.cf
mail_owner = postfix
mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
mydestination = mysql:/etc/postfix/db/mysql-destination.cf
myhostname = unicorn.netlab.co.za
mynetworks = $config_directory/mynetworks
queue_directory = /var/spool/postfix
recipient_delimiter = +
transport_maps = mysql:/etc/postfix/db/mysql-transport.cf
virtual_maps = mysql:/etc/postfix/db/mysql-virtual.cf
The log summary is 100k (yesterday only). So I have pasted what I think is
relevent below. If anything else is required please let me know. I will
mail the
complete sumary to Ralf.
These are for yesterday
Grand Totals
------------
messages
1597 received
1855 delivered
0 forwarded
10 deferred (40 deferrals)
10 bounced
29 rejected
123380k bytes received
148939k bytes delivered
445 senders
287 sending hosts/domains
324 recipients
159 recipient hosts/domains
smtpd
2033 connections
271 hosts/domains
84 avg. connect time (seconds)
47:23:55 total connect time
Warnings
--------
smtp
17 no MX host for afrox.co.za has a valid A record
smtpd
4 196.15.168.31: hostname dns1.cybertrade.co.za verification
fail...
2 66.115.47.67: hostname opt.edirectnetwork.net verification
fail...
2 196.8.104.24: hostname mailmarshal5.sbic.co.za verification
fai...
2 196.22.209.243: hostname pc243.hatch.co.za verification
failed:...
2 64.232.234.83: address not listed for hostname mx2a.oc9.net
2 64.232.234.82: address not listed for hostname mx2a.oc9.net
2 66.115.47.101: hostname opt.edirectnetwork.net verification
fai...
2 66.115.47.99: hostname opt.edirectnetwork.net verification
fail...
1 196.44.2.197: hostname ib-global-outside-16132.inet.co.za
verif...
1 206.46.170.17: hostname out005slb.verizon.net verification
fail...
1 196.34.236.3: address not listed for hostname hot.hot.co.za
1 64.232.234.252: address not listed for hostname mx4a.y8k.net
1 195.235.113.141: address not listed for hostname
mailhost.telel...
1 155.251.246.236: hostname mailman36.vmadmin.com
verification fa...
1 66.115.47.123: hostname opt.edirectnetwork.net verification
fai...
1 66.8.50.82: address not listed for hostname na.sdn.net.za
1 196.33.58.5: hostname fcbnt01.fcb.co.za verification
failed: Ho...
1 64.232.234.79: address not listed for hostname mx1a.oc9.net
1 64.232.234.116: address not listed for hostname mx3a.x36.net
1 66.115.47.69: hostname opt.edirectnetwork.net verification
fail...
1 209.203.9.193: hostname gia2sandownm.ppp.gia.net.za
verificatio...
1 216.115.96.59: hostname n9.groups.yahoo.com verification
failed...
1 64.232.234.74: address not listed for hostname mx1a.oc9.net
1 207.89.233.117: hostname 207-89-233-117.deerfield.com
verificat...
1 64.232.234.155: address not listed for hostname mx2a.y8k.net
1 155.251.246.238: hostname mailman38.vmadmin.com
verification fa...
1 64.211.230.38: address not listed for hostname MTA.keen.com
1 196.2.63.128: address not listed for hostname
www.bigbrothersa.com
1 208.245.232.33: address not listed for hostname mx3a.oc9.net
1 208.245.232.36: address not listed for hostname mx3a.oc9.net
1 64.232.234.250: address not listed for hostname mx4a.y8k.net
1 64.232.234.29: address not listed for hostname mx1a.c12.net
1 216.239.209.135: hostname mail2.center.com verification
failed:...
1 155.251.246.231: hostname mailman31.vmadmin.com
verification fa...
1 66.115.47.19: hostname opt.edirectnetwork.net verification
fail...
1 64.232.234.253: address not listed for hostname mx4a.y8k.net
1 66.8.23.122: address not listed for hostname na.sdn.net.za
1 64.232.234.85: address not listed for hostname mx2a.oc9.net
1 66.115.47.118: hostname opt.edirectnetwork.net verification
fai...
Fatal Errors: none
Panics: none
Master daemon messages: none
Senders by message count
------------------------
80 from=<>
......
This last bit I don't like. Someone is not putting in their reply to
address. Would
it be sensible to stop this? It is not an open relay so they must be
coming from inside
the network. Please don't let this detract from the main issue, response
times for dial
up users is the problem I would like to solve.
This is a fraction of what is in the summary. This message is already
long enough.
If there is something else of value in the summary or logs I will
happily send it.
Regards
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|