Bug #3411
SMTP mail reception delayed in receive only systems
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-mail-common | |||
| Target version: | v6.8 | |||
| Security class: | Resolution: | |||
| Affected version: | NEEDINFO: | No |
Description
I've discovered a very rare problem on a mail server where the system is used only to receive emails: amavisd stops to respond and emails are received only when it begins to respond again.
I'm unable to reproduce the problem, but I can find a clear pattern into maillog:
Jun 20 17:42:32 mail transfer/smtpd[23714]: warning: timeout talking to proxy 127.0.0.1:10024 Jun 20 17:42:32 mail transfer/smtpd[23714]: proxy-reject: END-OF-MESSAGE: 451 4.3.0 Error: queue file write error; ... Jun 21 09:28:46 mail amavis[9033]: (09033-37) ESMTP:[127.0.0.1]:10587
Once I was able to analyze the system while amavisd was not responding: I connected to port 10587 and it immediately began to respond.
Associated revisions
Bypass amavisd. Refs #3411
Bypass if no disclaimer is defined, to avoid amavisd multiport issues.
Full daemon restart on domain events. Refs #3411
Expand additional postfix templates to configure internal email paths if
mail disclaimers change.
Bypass amavisd. Refs #3411
If no disclaimer is defined amavisd is completely bypassed on
submission.
History
#1
Updated by Davide Principi about 5 years ago
Filippo Carletti wrote:
the system is used only to receive emails
Are you sure it is only receiving? The log trace you attached shows a local connection on port 587!
#2
Updated by Filippo Carletti about 5 years ago
Are you sure it is only receiving?
Ok, mostly receiving. :-)
#3
Updated by Davide Principi about 5 years ago
- Status changed from NEW to TRIAGED
- % Done changed from 0 to 20
It seems the Net::Server Perl module, which amavisd relies on, suffers of blocking issues when listening on multiple ports.
The only workaround is changing our configuration to listen on multiple ports only if needed.
By now a message sent on submission ports uses amavisd for
1. disclaimer
2. virus scan
I think virus scan can be safely ignored, assuming authentication is enabled on 587. The disclaimer feature is rarely used, and we could bypass amavisd entirely on most cases.
#4
Updated by Davide Principi about 5 years ago
- Tracker changed from Enhancement to Bug
- Status changed from TRIAGED to MODIFIED
- % Done changed from 20 to 60
MODIFIED
Pull Requests:- https://github.com/NethServer/nethserver-mail-common/pull/8/files
- https://github.com/NethServer/nethserver-mail-filter/pull/2/files
If no mail disclaimer is defined, amavisd listen on a single port (10024) reducing the impact of multi port configurations that seems to originate the blocks.
The proposed fix should mitigate the bug impact.
#5
Updated by Giacomo Sanchietti about 5 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
- nethserver-mail-common-1.5.5-1.3.g9e118a2.ns6.noarch.rpm
- nethserver-mail-filter-1.3.7-1.2.g3198b55.ns6.noarch.rpm
- Check the bug is not reproducible
#6
Updated by Giacomo Sanchietti about 5 years ago
- Assignee set to Giacomo Sanchietti
#7
Updated by Giacomo Sanchietti about 5 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 90
This has been tested on multiple machines: when Amavis listens only on one interface, the daemon never blocks.
#8
Updated by Giacomo Sanchietti about 5 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-mail-common-1.5.6-1.ns6.noarch.rpm
- nethserver-mail-filter-1.3.8-1.ns6.noarch.rpm