From: Warren Flemmer (no email)
Date: Fri Mar 01 2002 - 09:36:40 EST
Hi
Ralf Hildebrandt wrote:
>On Fri, Mar 01, 2002 at 02:42:02PM +0200, Warren Flemmer wrote:
>
>>>Does cyrus perform reverse lookups?
>>>
>
>>The logs imply that it does, both the ip and the FQDN are pressent in
>>the logs.
>>
>
>Ah. Hmm.
>
You seem a little sceptical so, heres a bit of the pop log
Mar 1 15:50:44 unicorn pop3d[25633]: login:
nas1-142.netlab.co.za[196.25.30.42] xxx plaintext
Mar 1 15:50:51 unicorn pop3d[25633]: login:
nas2-152.netlab.co.za[196.25.30.52] yyy plaintext
>
>>Its on the same server, with high ideal %. Is there more I need to check
>>here.
>>
>
>Maybe check the Postfix logs for "connection refused" or
>"(error|warning|fatal)" and the mysqld logs for oddities.
>
Errors
Mostly reverse lookup errors.
All execpt one did not resolve, not only on my server but also on other
independent
networks.
The one that did resolve but failed within postfix, was sent later.
Perhaps they had a
little downtime.
Warnings
I have pasted a bit of the log here:
Mar 1 08:46:18 unicorn postfix/smtp[17572]: warning: no MX host for
afrox.co.za has a valid A record
Mar 1 08:46:56 unicorn postfix/smtpd[17587]: warning: 64.232.234.177:
address not listed for hostname mx4a.oc9.net
Mar 1 08:52:38 unicorn postfix/smtpd[17645]: warning: 208.201.88.4:
hostname nathqmailgwi1.aspentech.com verification failed: Host not found
Mar 1 09:54:48 unicorn postfix/smtp[19030]: warning: no MX host for
afrox.co.za has a valid A record
Mar 1 10:04:29 unicorn postfix/smtpd[19233]: warning: 202.51.143.54:
address not listed for hostname green.lanka.net
In terms of types of warnings this log snip seems to give most of the
types of errors listed. I have pasted about 1/10 of the warning of the last
10000 entried in the maillog
Fatal
None.
MySQL
Ahhhh.
Full of these
020301 16:15:51 Aborted connection 152172 to db: 'yyyyy' user: 'xxxxxx'
host: `unicorn.netlab.co.za' (Got an error reading communication packets)
Often a couple of times a second.
The user is the username used by postfix.
This does not seem right.
Yet I can connect to the mysql mail db with the specified username and
password.
The SQL server is on the same Comp as postfix. The dbs reference from the
postfix config are to host=127.0.0.1
Could this be the source of my problem.
>
>Nothing in the config.
>
>
>>smtpd
>>
>> 2033 connections
>> 271 hosts/domains
>> 84 avg. connect time (seconds)
>>47:23:55 total connect time
>>
>
>84s average connect time? Whoa!
>
>At out box:
>
>smtpd
>
> 28211 connections
> 1332 hosts/domains
> 2 avg. connect time (seconds)
> 13:48:32 total connect time
>
>We do more than 20 times the volume of your mail with 1/40 of connect
>time...
>
Where I come from bandwidth is extremely expensive. To prevent our modist
bandwidth from being saturated by mail I use iproute2 to restict
incoming and
outgoing available bandwidth to port 25. Only connections from outside
my network are
limited. Dial-in users have a direct path to the mail server that has no
bandwidth restrictions.
This may explain the high connection times, expecially during working
hours. This
setup has been in-place for a long time and has not been a problem. Our
old mail
server (different software, and no where near as good as postfix) did
not suffer from
the current problem, but the network config was the same.
>
>
>Is your DNS slow?
>
Never had an issue with them, in any way. Being small I rely on upstream
providers
for reverse lookups. Netsaint has been set to monitor that reverse
lookups are
functioning, and so far this year there has not been any problems.
>
>Do you have a caching DNS?
>
They should also cache and the results of the dig below definitely
implies they do.
>
>Do you have multiple DNS servers in /etc/resolv.conf?
>
Yes, two
>
>How do the query times look like if you try:
>
>% dig @dns1 MX charite.de
>% dig @dns1 MX charite.de
>
>% dig @dns2 MX charite.de
>% dig @dns2 MX charite.de
>
On first query 800ms odd
After that 4ms give or take
Both servers responsed the same
>
>>fail...
>> 1 64.232.234.253: address not listed for hostname mx4a.y8k.net
>> 1 66.8.23.122: address not listed for hostname na.sdn.net.za
>> 1 64.232.234.85: address not listed for hostname mx2a.oc9.net
>> 1 66.115.47.118: hostname opt.edirectnetwork.net verification
>>fai...
>>
>
>Lots of reverse DNS lookups fail.
>
>
This does seem odd.
If I check the reverse lookups manually they are there.
I had a few minites (4 or 5) of downtime yesterday which may
explain some, but no all.
My mrtg on my internet wan interface shows there to be bandwidth
available at all times yesterday, no saturation, but these are five minute
averages.
>
>>Fatal Errors: none
>>
>>Panics: none
>>
>>Master daemon messages: none
>>
>
>Good!
>
>>Senders by message count
>>------------------------
>> 80 from=<>
>> ......
>>
>>
>
>>This last bit I don't like. Someone is not putting in their reply to
>>address. Would it be sensible to stop this?
>>
>
>No. these are bounces.
>
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|