Mailing List Archive: Qmail: users

Question About All Incoming Listening SMTP Ports Consumed

Index | Next | Previous | View Threaded

datesfat.chicks at gmail

Jun 14, 2010, 4:59 PM

Post #1 of 5 (813 views)
Permalink

Question About All Incoming Listening SMTP Ports Consumed

I have a low-volume server sitting on the Internet. It gets hit with lots
of SPAM. I do have a mailbox or two there, so it does accept incoming
email. I don't normally keep an eye of incoming connections or the SPAM
volume.

Anyway, I have a script that automatically sends notifications when a CVS
(version control system) commit is done. Recently, the script has been
timing out because all of the available SMTP listening connections are
consumed by incoming SPAM. The script runs on the server, so it is making a
connection on Port 25 of "localhost".

The root cause of the problem is that incoming SPAM and legitimate e-mails
injected locally are both consuming SMTP listening connections out of the
same fixed-size pool.

What are my best options for solving the problem? Is there a way to create
a separate pool of listeners for localhost vs. external incoming
connections?

I don't want to start using advanced anti-SPAM countermeasures unless really
necessary (yes, I'm that lazy).

Thanks, Datesfat

sgifford at suspectclass

Jun 14, 2010, 7:34 PM

Post #2 of 5 (756 views)
Permalink

Re: Question About All Incoming Listening SMTP Ports Consumed [In reply to]

On Mon, Jun 14, 2010 at 7:59 PM, Datesfat Chicks
<datesfat.chicks [at] gmail>wrote:
[ ... ]

> Anyway, I have a script that automatically sends notifications when a CVS
> (version control system) commit is done. Recently, the script has been
> timing out because all of the available SMTP listening connections are
> consumed by incoming SPAM. The script runs on the server, so it is making a
> connection on Port 25 of "localhost".
>
[ ... ]

If the CVS system is on the same host as the mail server, you could invoke
qmail-inject or /var/qmail/bin/sendmail directly. That would bypass the
SMTP server.

Otherwise, you could try increasing the maximum connections to your SMTP
server. Or you could set up an SMTP server on an alternate port, and have
your CVS system route mail to the server via that alternate port.

Hope that's helpful,

-----Scott.

amb-sendok-1279167218.penbhecebcnmpgomedng at bradfo

Jun 14, 2010, 9:13 PM

Post #3 of 5 (755 views)
Permalink

Re: Question About All Incoming Listening SMTP Ports Consumed [In reply to]

Thus said Datesfat Chicks on Mon, 14 Jun 2010 19:59:02 EDT:

> What are my best options for solving the problem?

Don't use SMTP to inject email locally. Use /usr/sbin/sendmail (which
presumably is a link or a mailwrapper to /var/qmail/bin/sendmail).

Andy

lists-qmail at maexotic

Jun 15, 2010, 5:02 AM

Post #4 of 5 (745 views)
Permalink

Re: Question About All Incoming Listening SMTP Ports Consumed [In reply to]

You are probably running tcpserver on 0.0.0.0.
You could duplicate the startup script and have the tcpserver in one
listen to the external visible IP address and the other listen on
127.0.0.1.
That way you have two connection pools.
Make your script connect to 127.0.0.1.

Keep in mind however that if the external incoming connections
saturate your (still single) working queue, deliveries from the local
pool will be delayed, too, but at least accepted.

Another thing I found useful is to
echo "10" > /var/qmail/control/timeoutsmtpd
Rarely see a legit mailserver run into that, but a lot of spam
connections get dropped.

\Maex

datesfat.chicks at gmail

Jun 15, 2010, 5:55 AM

Post #5 of 5 (744 views)
Permalink

Re: Question About All Incoming Listening SMTP Ports Consumed [In reply to]

On Tue, Jun 15, 2010 at 8:02 AM, Markus Stumpf <lists-qmail [at] maexotic>wrote:

> You are probably running tcpserver on 0.0.0.0.
> You could duplicate the startup script and have the tcpserver in one
> listen to the external visible IP address and the other listen on
> 127.0.0.1.
> That way you have two connection pools.
> Make your script connect to 127.0.0.1.
>

Thanks for that word of advice. For some reason--am I'm a hack at TCP
networking--it eluded me that you could have a separate listener on
localhost than on the external IP. I was thinking I needed a second IP
address (which I have, but your approach is simpler).

>
> Keep in mind however that if the external incoming connections
> saturate your (still single) working queue, deliveries from the local
> pool will be delayed, too, but at least accepted.
>

That is acceptable behavior in my case. Thanks for the warning. Plus or
minus a little, our CVS commit notices say "A colleague changed some
code--you might want to look at the change". These notices aren't generally
time-critical.

>
> Another thing I found useful is to
> echo "10" > /var/qmail/control/timeoutsmtpd
> Rarely see a legit mailserver run into that, but a lot of spam
> connections get dropped.
>
> I dropped mine down to 300 (from the default 1200). However, that was one
question lingering in mind -- how long is reasonable? With network speeds
being what they are these days, I just didn't fully understand why a value
like 1200 would be the default. I did not know that something as low as 5
would work.

I'm not actually sure where most SPAM comes from (it is hijacked PC's, or
what?).

In any case, I doubled the maximum number of SMTP receiving processes (from
20 to 40) and decreased timeoutsmtpd to 300. If that doesn't work (or when
the SPAM volume gets high enough that it stops working), I'll adopt your
suggestion and go with separate listeners.

Thanks, Datesfat

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads