# Postfix + MySQL from mail guide - Very Slow

## cryos

I have just finished setting up Postfix with MySQL as a backend as the virtual mailhost guide explains. It is all up and running, and it is working. The one thing I have noticed though is that it seems to be working very slowly.

Using telnet relay-test.mail-abuse.org on my new Gentoo based Postfix mail server, and the already installed Red Hat 8 sendmail installed mail server I have been using for months. The sendmail server passes all the tests in less than a quarter of the time, and it is a lower specced machine.

I thought it was SETI, so I stopped that, but it is still dire. Has anyone else noticed how slow postfix is in this set up? Is there anything I can do to speed it up? I am using smtp -v, but that shouldn't cause this, the system is literally under no load and not even being used. Also new mail can take a minute or more to arrive in the inbox, when this is instant in my sendmail set up.

I would really appreciate knowing if others have noticed this, and whether I should be worried by it, or is it just part of the design or something?

----------

## MoonWalker

Have you tried without -v? It would be interesting to know the result as I'm fighting with this setup as well and if it's suggish it might be worth looking for an other way.

----------

## cryos

I have just tried it without the -v, I think this is just extra logging. Anyway it is still far slower than sendmail, yet using top I can see the system is 98% idle and I can't even see the SMTP daemon in the listing as using the CPU. It is just rejecting all the relay attempts too - there doesn't seem to be any IO going on there.

I really can't understand why postfix in this set up would be so slow, but if it was under any great load I could imagine this easily being a problem as I can see how slowly it is processing the SMTP sessions with the relay test server. I ran three tests on the sendmail server and the postfix was still going for quite some time more when I got bored of doing that!

Is it the MySQL backend? Set up as in the Virtual Mailhost Guide letter for letter.

----------

## MoonWalker

Which version of mysql are you using? I'm using 4.0.12 and hope to soon have it up for a test. Unfortunately I don't have any sendmail to compare with, but I may can compare with my current production box runing postfix 1.x and not using mysql.

I just have some apache2 ssl problems to solve, get it to work with the local domain, but not with a virtual  :Smile: 

----------

## cryos

I am still using MySQL 3.23.56, and pam_mysql 0.4.7 (not used in this test though) with Postfix 2.0.9 using the mysql backend as described in the mailhost guide.

I have just issued the command

```
time telnet relay-test.mail-abuse.org
```

To compare the speeds of the two servers. Both actually passed the tests. They are both on the same ADSL line, with different IPs in the same subnet. The sendmail server was actually running SETI in the background, whereas the postfix server was running nothing in the background.

The sendmail server returned,

real    0m13.541s

user    0m0.006s

sys     0m0.020s

Whilst, after quite a wait, the postfix server returned,

real    8m1.222s

user    0m0.006s

sys     0m0.016s

Quite a difference! I would appreciate you posting your results to this test if you don't mind. I would like to know if the MySQL backend is causing this massive slowdown, although I have always found MySQL to be extremely fast and efficient in the past.

----------

## MoonWalker

Well I have things setup up now, to the point starting with webmail, but I have problems authentication with mysql (note I have changed mysql username below and and acessing mysql as this user works from console).

```
030430 18:33:07     290 Connect     Access denied for user: 'mailsqladm@localhost' (Using password: YES)

030430 18:33:29     291 Connect     Access denied for user: 'mailsqladm@localhost' (Using password: YES)

```

 I suspect this may have to do with docs being very vauge on pointing out some important details as where a password need to be put in plain text in a file or not. The style $password is used everywere, at one instance like '$password' which I interpret being a place holder for a string, but not the other places.

[EDIT]Ops1 Think I found it[/Edit]

It strikes me how often I have seen this type of "taken-for-granted-stuff" in tutorials and howto's where the authour don't realize how puzzling this can be to a newbie in the field.

I'll have to do some try'nerror to get to the point testing spead. Meanwhile you may canm point me to where I get that test script?

----------

## MoonWalker

An other thing I noticed, which also may affect this. When I added the vmail user I was never promted for a password and same thing with vmail group, but when I use webmin and look at them they both have something in the "pre-encrypted password" field, just one chars ???

----------

## cryos

Wherever thay have used passwords in the docs it is your plain text password they want you to use. All the files contain the plain text password.  The code I gave in my previous post is literally what to type at the command prompt. 

I just timed how long it took telnet to exit, and telnetted to the address given. That address automatically runs a series of 19 tests to see if your mail server allows relaying. I always use it when I have finished setting up a mail server, it just shocked me how slow it was in this case.

I would love to see it people get similar times on other postfix set ups. I am going to try recompiling my kernel later too - it is pretty old and has never seemed to be quite right. I don't think it's the issue here, but I will try it anyway.

----------

## cryos

 *Quote:*   

> When I added the vmail user I was never promted for a password

 

This is because the user never physically logs into the system, and so they do not need a password. I believe the other system accounts such as postfix are the same, process just su to that user from root during startup, and so no direct login takes place, nor should it and so no password is needed.

----------

## MoonWalker

WEll I figured that out and have come a bit futher... mysql seam to work and pull a SELECT query

```
430 20:17:05     352 Query       SELECT email, "", clear, uid, gid, homedir, maildir, "", name FROM users WHERE email = "josch@posthost.biz"
```

and pop3d or pop3d-ssl make a connection

```
Apr 30 20:15:32 merc pop3d: Connection, ip=[x.x.x.x]

Apr 30 20:16:54 merc pop3d-ssl: Connection, ip=[x.x.x.x]
```

but then mail client returns

```
There was a problem logging onto your mail server. Your Password was rejected. Account: 'mail.posthost.biz', Server: 'cms.posthost.biz', Protocol: POP3, Server Response: '-ERR Maildir: No such file or directory', Port: 995, Secure(SSL): Yes, Server Error: 0x800CCC90, Error Number: 0x800CCC92
```

 and understand this is logical as there is no .maildir, but surely remember it said somewere postfix would create the .maildir if no one exsisted or? When I send an email to this address I just get a 

```
550 <josch@posthost.biz>: User unknown
```

Obviously there is something wrong with my Postfix setup, but I'm also a bit suspisious about the data in the mailsql 'virtual' table, I have there uid=1, email='josch@posthost.biz, destination='josch@posthost.biz', I also tried with destination='josch' but notting works. I know, I can go ahead an manually creat the .maildir to see what's next, just thought I would doment this first as I belive the real cause is elsewere.

----------

## cryos

I know in my set up and in the guide you specify a minimum uid of 1000, and so setting a uid of 1 will fail due to that configuration. This is done to stop system uids being used for mail, as all users should have a uid above 1000. My set up does seem to create the maildirs for me though.

Still seems a little slow, but it does work so I figured it is possibly a quirk of postfix whereby it rate limits connections from the same host, or may be the mysql backend is the bottleneck. You don't even need the pop3 and imap entries in /etc/pam.d as far as I can tell either - only the smtp entry is used as the others don't even use PAM.

I have integrated Mail Scanner, Spam Assassin and ClamAV into my set up now and it all seems to be working quite happily apart from these small delays. I am going to try switching my main mail accounts over to this server in a few days and see how it fairs anyway.

----------

## MoonWalker

My problem with posthost.biz turned out to be the domain was set inactive by my registrar. This was done due to in change of nameservers I left the record with only one ns (removing my old) and this seam to have triggered an automatic inactivation  :Sad:  anyhow fixed now...

So I have come futher and actually got it working, but not perfect. I get it working for some mail and some not, some end up at the wrong place. This is due to me have many different addresses where some is just aliases and it seam to be a bit tricky with the mapping but it's probably due me not fully have understood yet how it flows. Havn't done any speed tests yet but from the logs I see it often test for a lot mappings I don't use and report several not found untill it finaly find the right destination. THis may be the reason for slowish performance, it actually do a lot of job you havn't asked it to do. Perhaps this can be trimmed by configuration.

Btw, I done it so I only use virtuals and no local accounts and all those tests I wrote about above are for local delivery. I'm not sure how to turn this of though.

I'm glad to hear you come all the way to setup Mail Scanner, Spam Assassin and ClamAV, I may come back to you to benefit from your experiences when I come that far... Like to have Imap and squerellmail up first, mailman I dont bother with. Also I like to have the mapping really trimmed as well before I move on adding things.

----------

## Dr_Stein

 *Quote:*   

> and understand this is logical as there is no .maildir, but surely remember it said somewere postfix would create the .maildir if no one exsisted or? 

 

Unfortunately, this is totally incorrect. 

You'll need to use "maildirmake" which comes with the Courier-IMAP package.

If you have any questions, let me know.  :Smile:  I bashed through that how-to and re-wrote big portions of it, and set up 2 machines already.  :Smile: 

----------

## cryos

Well I am not sure what I did differently, but my set up makes the appropriate directories and the maildir! I have just tested it by adding a new user and it created that virtual users directory, and the .maildir/ within that directory for me. There was no intervention on my part, and I can collect mail from it with no problems.

----------

## MoonWalker

 *Quote:*   

> Quote: 
> 
> and understand this is logical as there is no .maildir, but surely remember it said somewere postfix would create the .maildir if no one exsisted or?  
> 
> Unfortunately, this is totally incorrect. 
> ...

 

Well I have it setup mostly now, so it works with pop3, Imap and smtp and smtp seam to create a .maildir if mail is sent to the address, but not pop3 or Imap, but thats just to send a welcome message when creating the account.

 *Quote:*   

> If you have any questions, let me know.  I bashed through that how-to and re-wrote big portions of it, and set up 2 machines already. 

  So were can this rewritten how-to be viewed? Yes, got question. pop3, smtp and imap all seam to work, I can send and receive mail but after installing squirrelmail and trying to login first time I just got this

```
Warning: session_start() [function.session-start]: open(/tmp/sess_09dd5d6126d2e3a640e0ac1b52964c65, O_RDWR) failed: Permission denied (13) in /home/httpd/htdocs/squirrelmail/functions/global.php on line 285

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/httpd/htdocs/squirrelmail/functions/global.php:285) in /home/httpd/htdocs/squirrelmail/functions/global.php on line 285

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/httpd/htdocs/squirrelmail/functions/global.php:285) in /home/httpd/htdocs/squirrelmail/functions/global.php on line 285

Warning: Cannot modify header information - headers already sent by (output started at /home/httpd/htdocs/squirrelmail/functions/global.php:285) in /home/httpd/htdocs/squirrelmail/functions/i18n.php on line 1164

Warning: Cannot modify header information - headers already sent by (output started at /home/httpd/htdocs/squirrelmail/functions/global.php:285) in /home/httpd/htdocs/squirrelmail/src/redirect.php on line 68

Warning: Cannot modify header information - headers already sent by (output started at /home/httpd/htdocs/squirrelmail/functions/global.php:285) in /home/httpd/htdocs/squirrelmail/src/redirect.php on line 102

Warning: session_write_close() [function.session-write-close]: open(/tmp/sess_09dd5d6126d2e3a640e0ac1b52964c65, O_RDWR) failed: Permission denied (13) in /home/httpd/htdocs/squirrelmail/src/redirect.php on line 162

Warning: session_write_close() [function.session-write-close]: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in /home/httpd/htdocs/squirrelmail/src/redirect.php on line 162

Warning: Cannot modify header information - headers already sent by (output started at /home/httpd/htdocs/squirrelmail/functions/global.php:285) in /home/httpd/htdocs/squirrelmail/src/redirect.php on line 163

```

Yes I have run ./configure and tried to follow any advices I been able to find, here and in the SQ wiki, spent most of the night on it but just dont get anywere...

----------

## MoonWalker

Ahhh just after posting above I got the brilliant idea to check permissions on /tmp and of course squirrelmail didn't have permission to write there as it was 755, so made it 777 but that's not good. I would like to have SQ save session data into mysql instead?

----------

## Dr_Stein

 *Quote:*   

>  So were can this rewritten how-to be viewed? 

 

I'm still working on it - the rough draft is at http://www.pbp.net/~jnichols/vhost_mail.html  :Smile:  I've added things like Maildrop & Spamassassin into my mix, and I have to go back and figure out how I got Mailman to work finally. 

The script? http://www.pbp.net/~jnichols/mail_users.sh

Warning: My shell scripts suck really bad.  :Smile: 

----------

## MoonWalker

 *Dr_Stien wrote:*   

> I'm still working on it - the rough draft is at http://www.pbp.net/~jnichols/vhost_mail.html 

 

Seam to be a 404, but you may work on it tight now so it's only temporary? I'm really currious abot the spamassin stuff, and other expantions you done of course.

----------

## Dr_Stein

http://www.pbp.net/~jnichols/vhost-mail.html is the correct URL. Sorry about that.  :Smile: 

I haven't had a chance to add the Spamassassin or maildrop stuff yet.

----------

## Asmod

I followed this guide too. I already had php/apache/mysql running fine, postfix appears to be running ok. I ran

```
time telnet relay-test.mail-abuse.org
```

 and mine too took around 6 minutes to complete. I ran this from a *cough*exchange server*cough* and it took about 20 seconds  :Sad: 

Also I think I have setup courier-pop3d wrong with regards to the authentication method as I get this error message when trying to connect with outlook express.

 *Quote:*   

> There was a problem logging onto your mail server. Your Password was rejected. Account: 'test', Server: 'test-dev', Protocol: POP3, Server Response: '-ERR Login failed.', Port: 110, Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC92

 

Before I used sendmail and qpopper, I thought I'd change and try a mysql backend.

I have

2.4.20-gentoo-r2

postfix-2.0.9

mysql-3.23.56

php-4.3.1 & mod_php-4.3.1

courier-imap-1.7.0

apache-1.3.27-r3

my log files only show

 *Quote:*   

> May 10 16:12:45 test-dev pop3d: Connection, ip=[x.x.x.x]
> 
> May 10 16:12:51 test-dev pop3d: LOGIN FAILED, ip=[x.x.x.x]
> 
> May 10 16:12:54 test-dev pop3d: Connection, ip=[x.x.x.x]
> ...

 

any ideas anyone?

----------

## cryos

You do have to use the full email address as the username to authenticate with. Other than that is is just editing the file as descibed in the mail guide for IMAP/POP3 authentication.

It is very disappointing to see the mail server working so slowly. I would love to hear any suggestions as to why it would go so slowly. Is it postfix? Everyone says postfix outperforms sendmail! Could be the MySQL backend but MySQL queries typically execute very quickly too.

I really cannot figure out what is causing this slowdown iin postfix, and am now going to leave it until after my finals I think. I may try removing the MySQL backend after my finals and see if it is still as slow using hashes...

----------

## Asmod

right, pop3 works, smtp works to send mail from localhosts but smtp auth doesn't  :Sad:  I get this in my logs..

 *Quote:*   

> May 10 18:47:12 test-dev postfix/smtpd[3291]: connect from shnet.demon.co.uk[194.222.115.150]
> 
> May 10 18:47:12 test-dev postfix/smtpd[3291]: >shnet.demon.co.uk[194.222.115.150]: 220 test-dev.co.uk ESMTP Postfix 
> 
> May 10 18:47:12 test-dev postfix/smtpd[3291]: watchdog_pat: 0x809a198 
> ...

 

I've searched google groups for the phrase 'unknown password verifier' and found quite a few results but none seem to say what that error actually means. I guess its related to an authentication method I've chosen but I have no clue where to look really.

My /usr/lib/sasl2/smtpd.conf says

pwcheck_method: pam

/etc/pam.d/smtp

auth     optional       pam_mysql.so server=localhost db=mailsql

user=mailsql \

        passwd=xxx table=users usercolumn=email passwdcolumn=clear crypt=0

account  required       pam_mysql.so server=localhost db=mailsql

user=mailsql \

        passwd=xxx table=users usercolumn=email passwdcolumn=clear crypt=0

Anyone got any ideas?

Thanks

----------

## cryos

Well in my config that does work I am using the line

```
pwcheck_method:saslauthd
```

in /usr/lib/sasl2/smtpd.conf. I have a similar smtp file in /etc/pam.d. Make sure that none of the lines in the smtp file have been split in two. This is what messed my config up, and it took me ages to spot due to it being split at the same size as my terminal and it just looked like line wrap!

You also need to have started saslauthd from /etc/init.d and it will run as smtp for postfix when it authenticates through PAM. Hopefully this should get you up and running - I am still left wondering about the slow speeds though  :Sad: 

----------

## Asmod

yup that worked, thanks  :Smile:  Intrestingly enough I get very similar results as you do on your little test.

 *Quote:*   

> real    8m9.394s
> 
> user    0m0.010s
> 
> sys     0m0.010s

 

I have done a few other tests and decided this is fine. There are maybe 3 possible reasons for this.

1. Bad DNS but I ruled this out as my box has no problems running queries.

2. the relay test is trying to relay, we've just setup postfix to only allow relaying from 

 a. trusted networks/ip's

 b. authenticated hosts

maybe this is causing some kind of delay?

3. Is postfix trying to connect to ident running on the relay-test.mail-abuse.org server?

if you manually telnet to your box on port 25 and manually send an email you should see that it is processed in seconds. I have tried this locally and remotely and both worked fine. So I conclude that I can receive and send mail with no delays, just can't run the relay test quickly! I'm still trawling through google pages looking at loads of stuff on bottlenecks and tuning postfix. Maybe I will try sending 1,000 mails through it and seeing how long it takes to process or something.

----------

## Asmod

right, I've done some basic benchmarks and the results are scary   :Shocked: 

Machine1: P3 600Mhz - 320mb ram(???), 2x30gb disks both IDE 7200rpm running 2.4.20-gentoo-r2.   512k/512k internet connection.

This is the machine I have postfix/mysql/sasl/imap installed as per the guide linked above.

Machine2: Athlon 1.2ghz 128mb ram, 10gb ide 7200 rpm disk, RH 7.3 2.4.18-14 kernel and running sendmail 8.12.5. 2048k/256k cable line.

All my testing so far has been with a basic php script

```
#!/usr/bin/php -q

<?

        for ($i=0; $i<1000; $i++)

        {

                mail("test@myserver.com", "test email $i", "just a small email");

        }

?>
```

so its nothing hi-tech. First I ran it from the gentoo box using postfix. I used an email addy handled by machine2 (sendmail)

This took

 *Quote:*   

> real    0m39.461s
> 
> user    0m1.430s
> 
> sys     0m0.710s

 

for the script to run and inject the mails. It was approximately 4m32s later that I had the last email received on my other machine.

I didn't think this was too bad so I ran the script on the RH machine and changed the email to one hosted on the gentoo box. Here is the script execution time

 *Quote:*   

> real    23m17.228s
> 
> user    0m20.676s
> 
> sys     0m8.762s

 

The one thing I noticed was the gentoo box went nuts, between postfix and mysql approx 63mb of logs were generated for 1000 emails. (thats sending and receiving though). To be fair I forgot to grab the size of the sendmail logs so I can't compare that. So logging definately needs to be looked at.

approx 18 minutes after the script had finished I had all 1000 emails downloaded with a pop3 client (Outlook express)

30 minutes later and the gentoo machine still has 30+ processes to do with mysql/postfix open.

While typing this another strange thing just happened. I use outlook express to test the courier-pop3 and it had downloaded my 1000 test messages. Some were late but that I suspect is due to the fact my postfix server will only handle 20 connections at once. Not a problem. Anyway, I just hit send/recv so I could download the logs I just sent myself and its just re-downloaded the 1000 messages plus another 458 error mails which look like

 *Quote:*   

> Postfix SMTP server: errors from sendmail.server[x.x.x.]
> 
> Transcript of session follows.
> 
>  Out: 220 mydomain ESMTP Postfix
> ...

 

please note I've changed ip's and domain names. I guess this just means that the machine was so busy it was failing to find out information from mysql.

Later on I think I will try this test again but turning all logging off. So in the end it took the gentoo/postfix box less than 1 minute to inject 1000 emails and then around 4 minutes to send them and for the RH/sendmail machine to recieve them all. The RH/sendmail machine took about 23 minutes to send all 1000 emails and then gentoo machine took about 23mins + 18mins = 41mins to receive the 1000 emails. Sendmail could be partly to blame for the long receive time but it did finish after 23 mins whereas postfix was still processing messages I guess.

Time for bed now, I'm going to look at postal benchmarking tomorrow, will post results and also will look into trying to speed things up slightly.

Memory usage about halfway through recv.

```
          total       used       free     shared    buffers     cached

Mem:        320088     313612       6476          0      81812      92648

-/+ buffers/cache:     139152     180936

Swap:       498952      30860     468092
```

Here is a snapshot of a ps aux about midway through the receive

```
USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND

root         1  0.0  0.1  1340  412 ?        S    Apr28   0:44 init [3]   --init

root         2  0.0  0.0     0    0 ?        SW   Apr28   0:00 [keventd]

root         3  0.0  0.0     0    0 ?        SWN  Apr28   0:00 [ksoftirqd_CPU0]

root         4  0.0  0.0     0    0 ?        SW   Apr28   0:52 [kswapd]

root         5  0.0  0.0     0    0 ?        SW   Apr28   0:04 [bdflush]

root         6  0.0  0.0     0    0 ?        SW   Apr28   1:56 [kupdated]

root        11  0.0  0.0     0    0 ?        SW   Apr28   0:00 [khubd]

root        15  0.0  0.0     0    0 ?        SW   Apr28   0:01 [kreiserfsd]

root        39  0.0  0.1  1752  564 ?        S    Apr28   0:00 /sbin/devfsd /dev

root      1200  0.0  0.2  2724  696 ?        S    Apr28   0:07 /usr/sbin/sshd

root      1235  0.0  0.1  1424  516 ?        R    Apr28   2:04 /usr/sbin/syslogd -m 0

root      1238  0.0  0.0  1440  192 ?        S    Apr28   0:00 /usr/sbin/klogd -c 3 -2

root      1276  0.0  0.1  1488  408 ?        S    Apr28   0:02 /usr/sbin/cron

root      1303  0.0  0.1  2260  608 ?        S    Apr28   0:00 login -- root     

root      1304  0.0  0.0  1336    4 vc/3     S    Apr28   0:00 /sbin/agetty 38400 tty3 linux

root      1305  0.0  0.0  1336  304 vc/4     S    Apr28   0:00 /sbin/agetty 38400 tty4 linux

root      1306  0.0  0.0  1336  304 vc/5     S    Apr28   0:00 /sbin/agetty 38400 tty5 linux

root      1307  0.0  0.0  1336  304 vc/6     S    Apr28   0:00 /sbin/agetty 38400 tty6 linux

root      8125  0.0  0.0     0    0 ?        SW   Apr28   0:00 [kjournald]

named    17655  0.0  1.1 12236 3536 ?        S    Apr28   0:00 [named]

named    17657  0.0  1.1 12236 3536 ?        S    Apr28   0:09 [named]

named    17658  0.0  1.1 12236 3536 ?        S    Apr28   4:44 [named]

named    17659  0.0  1.1 12236 3536 ?        S    Apr28   0:06 [named]

named    17660  0.0  1.1 12236 3536 ?        S    Apr28   0:31 [named]

root     25090  0.0  0.1  2004  456 ?        S    Apr28   0:00 /bin/sh /usr/bin/safe_mysqld

mysql    25123  0.0  3.0 53336 9660 ?        S    Apr28   0:10 [mysqld]

mysql    25124  0.0  3.0 53336 9660 ?        S    Apr28   0:20 [mysqld]

mysql    25125  0.0  3.0 53336 9660 ?        S    Apr28   0:16 [mysqld]

mysql    25126  0.0  3.0 53336 9660 ?        S    Apr28   0:00 [mysqld]

root      4587  0.0  0.1  2264  608 ?        S    Apr30   0:00 login -- root       

root      1265  0.0  0.2  2244  940 vc/1     S    May09   0:00 -bash

root      1299  0.0  0.2  2244  944 vc/2     S    May09   0:00 -bash

root      2201  0.0  0.3  3856 1016 ?        S    May09   0:00 proftpd: (accepting connections)            

root      5777  0.0  0.2  6100  752 ?        S    May09   0:12 /usr/sbin/sshd

root      5784  0.0  0.3  2284 1136 pts/0    S    May09   0:01 -bash

root     18441  0.0  0.5 14828 1844 ?        S    May10   0:01 /usr/sbin/apache -D PHP4 -D SSL

root     24641  0.0  0.1  2720  416 ?        S    May10   0:00 /usr/lib/courier-imap/authlib/authdaemond.mysql start

root     24646  0.0  0.2  2788  828 ?        S    May10   0:00 /usr/lib/courier-imap/authlib/authdaemond.mysql start

root     24647  0.0  0.2  2788  824 ?        S    May10   0:00 /usr/lib/courier-imap/authlib/authdaemond.mysql start

root     24652  0.0  0.2  2792  700 ?        S    May10   0:00 /usr/lib/courier-imap/authlib/authdaemond.mysql start

root     24653  0.0  0.1  2792  584 ?        S    May10   0:00 /usr/lib/courier-imap/authlib/authdaemond.mysql start

root     24654  0.0  0.1  2792  584 ?        S    May10   0:00 /usr/lib/courier-imap/authlib/authdaemond.mysql start

root     24729  0.0  0.1  1996  372 ?        S    May10   0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/lib/courier-imap/courierlogger -stderrloggername=imapd -maxprocs=40 -maxperip=4 -pid=/var/run/imapd.pid -nodnslookup -noidentlookup 143 /usr/sbin/imaplogin /usr/lib/courier-imap/authlib/authdaemon /usr/sbin/courier-imapd .maildir

root     24736  0.0  0.0  1320  220 ?        S    May10   0:00 /usr/lib/courier-imap/courierlogger imapd

root     24811  0.0  0.1  1996  372 ?        S    May10   0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/lib/courier-imap/courierlogger -stderrloggername=imapd-ssl -maxprocs=40 -maxperip=4 -pid=/var/run/imapd-ssl.pid -nodnslookup -noidentlookup 993 /usr/sbin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/courier-imap/authlib/authdaemon /usr/sbin/courier-imapd .maildir

root     24821  0.0  0.0  1320  220 ?        S    May10   0:00 /usr/lib/courier-imap/courierlogger imapd-ssl

root     24893  0.0  0.1  1996  404 ?        S    May10   0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/lib/courier-imap/courierlogger -stderrloggername=pop3d -maxprocs=40 -maxperip=4 -pid=/var/run/pop3d.pid -nodnslookup -noidentlookup 110 /usr/sbin/pop3login /usr/lib/courier-imap/authlib/authdaemon /usr/sbin/courier-pop3d .maildir

root     24900  0.0  0.1  1328  416 ?        S    May10   0:00 /usr/lib/courier-imap/courierlogger pop3d

root     24975  0.0  0.1  1996  372 ?        S    May10   0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/lib/courier-imap/courierlogger -stderrloggername=pop3d-ssl -maxprocs=40 -maxperip=4 -pid=/var/run/pop3d-ssl.pid -nodnslookup -noidentlookup 995 /usr/sbin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib/courier-imap/authlib/authdaemon /usr/sbin/courier-pop3d .maildir

root     24978  0.0  0.0  1320  220 ?        S    May10   0:00 /usr/lib/courier-imap/courierlogger pop3d-ssl

mysql    25093  0.0  3.0 53336 9660 ?        S    May10   0:00 [mysqld]

mysql    25142  0.0  3.0 53336 9660 ?        S    May10   0:00 [mysqld]

mysql     3183  0.0  3.0 53336 9660 ?        S    May10   0:00 [mysqld]

root      3841  0.0  0.2  1712  664 ?        S    May10   0:00 /usr/sbin/saslauthd -a pam -H -T

root      3842  0.0  0.2  1732  676 ?        S    May10   0:00 /usr/sbin/saslauthd -a pam -H -T

root      3843  0.0  0.2  1712  664 ?        S    May10   0:00 /usr/sbin/saslauthd -a pam -H -T

root      3844  0.0  0.2  1712  664 ?        S    May10   0:00 /usr/sbin/saslauthd -a pam -H -T

root      3845  0.0  0.2  1712  664 ?        S    May10   0:00 /usr/sbin/saslauthd -a pam -H -T

mysql     3880  0.0  3.0 53336 9660 ?        S    May10   0:00 [mysqld]

mysql     3885  0.0  3.0 53336 9660 ?        S    May10   0:00 [mysqld]

root      5417  0.0  0.5  6136 1796 ?        S    00:16   0:00 /usr/sbin/sshd

root      5419  0.0  0.4  2240 1308 pts/1    S    00:16   0:00 -bash

root      5424  0.0  0.1  1364  392 pts/1    S    00:16   0:00 tail -f daemon.log

root      5444  0.0  0.5  6096 1636 ?        S    00:18   0:00 /usr/sbin/sshd

root      5447  0.0  0.4  2260 1340 pts/2    S    00:18   0:00 -bash

root      5753  0.0  0.4  4028 1304 ?        S    00:21   0:01 [master]

root      6764  0.0  0.5  6140 1804 ?        S    00:59   0:00 /usr/sbin/sshd

root      6767  0.0  0.4  2244 1312 pts/3    S    00:59   0:00 -bash

root      6858  0.0  0.1  1364  392 pts/3    S    01:06   0:00 tail -f mail.log

postfix   8334  0.1  0.4  4156 1448 ?        S    01:37   0:02 [qmgr]

postfix  10471  0.0  0.4  4032 1316 ?        S    02:00   0:00 [pickup]

apache   10521  0.0  1.5 15376 4992 ?        S    02:01   0:00 [apache]

postfix  10588  0.0  0.4  4248 1548 ?        S    02:07   0:00 [trivial-rewrite]

mysql    10589  0.0  3.0 53336 9660 ?        S    02:07   0:00 [mysqld]

mysql    10590  0.0  3.0 53336 9660 ?        S    02:07   0:00 [mysqld]

postfix  10637  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10638  0.5  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10639  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10640  0.5  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10641  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10642  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10643  0.0  0.4  4140 1488 ?        S    02:12   0:00 [cleanup]

postfix  10644  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10645  0.0  0.4  4140 1488 ?        S    02:12   0:00 [cleanup]

postfix  10646  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10647  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10648  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10649  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10650  0.1  0.4  4260 1584 ?        S    02:12   0:00 [local]

postfix  10651  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10652  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10653  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10654  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10655  0.0  0.4  4140 1488 ?        S    02:12   0:00 [cleanup]

postfix  10656  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10657  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10658  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10659  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10660  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10661  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10662  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10663  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10664  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10665  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10666  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10667  0.4  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10668  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10669  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10670  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10671  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10672  0.0  0.4  4140 1488 ?        S    02:12   0:00 [cleanup]

mysql    10673  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10674  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10675  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10676  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10677  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10678  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10679  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10680  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10681  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10682  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10683  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10684  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10685  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10686  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10687  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

mysql    10688  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10689  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

mysql    10690  0.0  3.0 53336 9660 ?        S    02:12   0:00 [mysqld]

postfix  10691  0.3  0.8  4856 2716 ?        S    02:12   0:00 [smtpd]

postfix  10692  0.0  0.4  4140 1488 ?        S    02:12   0:00 [cleanup]

mysql    10693  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10694  0.2  0.8  4856 2716 ?        S    02:13   0:00 [smtpd]

mysql    10695  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10696  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10697  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10698  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10699  0.3  0.8  4856 2716 ?        S    02:13   0:00 [smtpd]

mysql    10700  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10701  0.0  0.4  4140 1488 ?        S    02:13   0:00 [cleanup]

mysql    10702  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10703  0.3  0.8  4856 2716 ?        S    02:13   0:00 [smtpd]

postfix  10704  0.1  0.4  4260 1584 ?        S    02:13   0:00 [local]

mysql    10705  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10706  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10707  0.3  0.8  4856 2716 ?        S    02:13   0:00 [smtpd]

mysql    10708  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10709  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10710  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10711  0.3  0.8  4856 2716 ?        S    02:13   0:00 [smtpd]

mysql    10712  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10713  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10714  0.0  0.4  4140 1488 ?        S    02:13   0:00 [cleanup]

postfix  10715  0.3  0.8  4856 2704 ?        S    02:13   0:00 [smtpd]

mysql    10718  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10719  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10720  0.3  0.8  4848 2696 ?        S    02:13   0:00 [smtpd]

mysql    10721  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10724  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10725  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10726  0.3  0.8  4848 2696 ?        S    02:13   0:00 [smtpd]

mysql    10727  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10728  0.0  0.4  4140 1488 ?        S    02:13   0:00 [cleanup]

mysql    10729  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10730  0.2  0.8  4844 2692 ?        S    02:13   0:00 [smtpd]

mysql    10731  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10732  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10733  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10734  0.3  0.8  4844 2672 ?        S    02:13   0:00 [smtpd]

mysql    10736  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

mysql    10737  0.0  3.0 53336 9660 ?        S    02:13   0:00 [mysqld]

postfix  10738  0.3  0.7  4828 2540 ?        S    02:13   0:00 [smtpd]

mysql    10739  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10740  0.0  0.4  4140 1488 ?        S    02:14   0:00 [cleanup]

mysql    10742  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10743  0.4  0.7  4828 2532 ?        S    02:14   0:00 [smtpd]

mysql    10744  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

mysql    10745  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

mysql    10746  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10747  0.3  0.7  4820 2488 ?        S    02:14   0:00 [smtpd]

mysql    10748  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

mysql    10749  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10750  0.5  0.7  4820 2488 ?        S    02:14   0:00 [smtpd]

mysql    10751  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10752  0.1  0.4  4136 1484 ?        S    02:14   0:00 [cleanup]

mysql    10753  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10754  0.4  0.7  4820 2488 ?        S    02:14   0:00 [smtpd]

mysql    10755  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

mysql    10756  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

mysql    10757  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

postfix  10759  0.3  0.7  4696 2308 ?        S    02:14   0:00 [smtpd]

mysql    10760  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

mysql    10762  0.0  3.0 53336 9660 ?        S    02:14   0:00 [mysqld]

root     10763  2.0  0.4  4112 1304 ?        S    02:14   0:00 smtpd -n smtp -t inet -u -v

root     10764  0.0  0.2  2652  804 pts/2    R    02:14   0:00 ps aux
```

postconf -n

```
alias_database = hash:/etc/mail/aliases

alias_maps = hash:/etc/mail/aliases

biff = no

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

default_destination_concurrency_limit = 20

home_mailbox = .maildir/

inet_interfaces = all

local_destination_concurrency_limit = 2

local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname

local_transport = local

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = mydomain, localhost

mydomain = mydomain

myhostname = mydomain

mynetworks = x.x.x.x/29, 127.0.0.0/8

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.0.9

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

sample_directory = /etc/postfix/sample

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_connect_timeout = 20

smtp_helo_timeout = 10

smtpd_helo_required = yes

smtpd_recipient_restrictions = permit_sasl_authenticated,

permit_mynetworks,                                      reject_unauth_destinatio

n

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newreq.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 450

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf

virtual_gid_maps = static:$vmail-gid

virtual_mailbox_base = /

virtual_mailbox_domains = gshock.co.uk

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 1001

virtual_transport = virtual

virtual_uid_maps = static:$vmail-uid
```

----------

## Asmod

 *Dr_Stein wrote:*   

> http://www.pbp.net/~jnichols/vhost-mail.html is the correct URL. Sorry about that. 
> 
> I haven't had a chance to add the Spamassassin or maildrop stuff yet.

 

Very helpfull  :Smile:  one thing that you ought to add in is

main.cf

```

transport_maps=mysql:/etc/postfix/mysql-transport.cf

mydestination = $mydomain, $transport_maps

```

otherwise virtual hosting won't work unless you change mydestination and add every domain to it. You'll get a relaying denied error!

----------

## uzik

 *cryos wrote:*   

> I have just finished setting up Postfix with MySQL as a backend as the virtual mailhost guide explains. It is all up and running, and it is working. The one thing I have noticed though is that it seems to be working very slowly.
> 
> 

 

I never did understand what the point of having mysql was in that

document. It seems like overkill for a mail system unless you're handling

thousands or mail accounts.

Perhaps if you don't need it....

----------

## Dr_Stein

 *Quote:*   

> 
> 
> The one thing I noticed was the gentoo box went nuts, between postfix and mysql approx 63mb of logs were generated for 1000 emails. (thats sending and receiving though). To be fair I forgot to grab the size of the sendmail logs so I can't compare that. So logging definately needs to be looked at.
> 
> 

 

In a prior post, you had Postfix set to uber-verbose logging (the -v in master.cf)

That will cause logfiles to go nuts as well.  :Smile: 

I tried this on a SuSE 8.1 box running an old version of Postfix:

sh-2.05b# time -p php mailtest.php

real 174.68

user 25.13

sys 12.35

sh-2.05b#

That server is an old Duron 950, too... it seems very odd that Postfix would be taking that long for you, regardless of SQL lookups.

All of the messages (1000 of them!) were passed through Postfix -> mailgate box (spamassassin/anomy) -> mail.pbp.net - they all showed up within mere minutes (and I was using Squirrelmail to go in and delete them all)

----------

## sekh

sorry to bring this thread back from the dead.. but i'm also experiencing this really slow performance when doing a 

```
telnet relay-test.mail-abuse.org
```

I'm running smtpd -v in the master.cf file for verbose logging (good for debugging  :Smile:  ). I tried turning it off but it doesn't really make a difference.

What i did notice though, and i hope this will make someone who knows a bit more about this thing than me go "AHA!", is that the first 9 tests (test 1 through 9) which relay-test.mail-abuse.org tests runs relatively fast (within the first 30 seconds or so), but from then on it's AMAZINGLY slow  :Sad: 

Another "interesting" thing i noticed is that i tried running two windows at the same time. One of them doing the 

```
telnet relay-test.mail-abuse.org
```

And the other window doing a

```
tail -f /var/log/everything/current
```

The good thing about the smtpd -v thing is that EVERYTHING gets dumped, it's really rather nuts, but good for debugging  :Smile: 

The curious thing is that when looking at both the telnet window and the tail at the same time i can see this in the telnet window:

```
:Relay test: #Test 10

>>> mail from: <spamtest@port9.ds1-hhl.adsl.cybercity.dk>

```

And while looking down at the tail window, i see all this and tons of other debug info logged instantly.. what the server is supposed to do then is give a  "250 OK" response. and i can see in the tail instantly that this is logged as being sent like this:

```

Sep 29 00:29:24 [postfix/smtpd] < cygnus.mail-abuse.org[204.152.187.123]: mail from: <spamtest@port9.ds1-hhl.adsl.cybercity.dk>

Sep 29 00:29:24 [postfix/smtpd] extract_addr: input: <spamtest@port9.ds1-hhl.adsl.cybercity.dk>

..... (lots of stuff here)

Sep 29 00:29:24 [postfix/smtpd] C8C019BD9B: client=cygnus.mail-abuse.org[204.152.187.123]

Sep 29 00:29:24 [postfix/smtpd] > cygnus.mail-abuse.org[204.152.187.123]: 250 Ok
```

As you can see the mailserver logs the 250 OK immediately however if i look up into the telnet window it takes several many seconds before 

```
<<< 250 Ok
```

appears up there... Following that the telnet window shows that 

```
>>> rcpt to: <"nobody@mail-abuse.org">
```

is sent to the server.. this is immediately logged down in the tail window, and again i can see the relaying denied error being logged as sent in the tail window again.

Here's the output from the tail window:

```
Sep 29 00:29:24 [postfix/smtpd] > cygnus.mail-abuse.org[204.152.187.123]: 250 Ok

Sep 29 00:29:34 [postfix/smtpd] watchdog_pat: 0x80a07e0

Sep 29 00:29:35 [postfix/smtpd] < cygnus.mail-abuse.org[204.152.187.123]: rcpt to: <"nobody@mail-abuse.org">
```

I've included the 250 reply mentioned above for time reference. Notice that 11 seconds pass from the server logs the 250 OK as being sent till it logs the "rcpt to:" line as being recieved.

Now the way i figure it there could be several different things causing this:

1. postfix doesn't send/flush the things on the connection at the same time as it logs it, and due to some strange buffer setting, postfix is actually not sending it back to mail-abuse.org until quite a few seconds AFTER it's been logged in the everything log.

2. there might be some buffering system or something causing delayed output in the telnet window which i am watching.

3.more speculation here?

truth is, i really dont know what's going on, i'm just trying to guess here  :Smile: 

I'm hoping that some guru reading this will know whats going on, and give some pointers on how to fix it, and make postfix (or whatever is causing the slowdown) respond faster?

anyone? please help?!?  :Very Happy: 

----------

## Dhar

I noticed the same "goes fast, then slow" while testing my setup using the same open relay test, and I think I know why.  Just guessing here, but I'm thinking this is an anti-spam/anti-abuse feature of postfix.  If there are multiple sequential emails from the same address, perhaps is starts waiting longer and longer on each one?  This would slow down any email DDOS-type attacks, and would make your server unpalatable to spammers in the case that it WAS an open relay.

Make sense, or am I just making all this up?   :Smile:   Perhaps I should go read the docs...  :Wink: 

-g.

----------

## bcressey

 *Dhar wrote:*   

> I noticed the same "goes fast, then slow" while testing my setup using the same open relay test, and I think I know why.  Just guessing here, but I'm thinking this is an anti-spam/anti-abuse feature of postfix.  If there are multiple sequential emails from the same address, perhaps is starts waiting longer and longer on each one?  This would slow down any email DDOS-type attacks, and would make your server unpalatable to spammers in the case that it WAS an open relay.
> 
> Make sense, or am I just making all this up?    Perhaps I should go read the docs... 
> 
> -g.

 

That's right.  You can control this setting using the following variables:

smtpd_soft_error_limit : number of errors until the connecting server gets hit with delays.  Defaults to 10.  This is why you see a major slowdown halfway through the open relay test.

smtpd_error_sleep_time : defaults to 1s.  You don't need to change this directly, but this is the value that postfix automatically increments in order to throttle their connection back once the soft error limit is reached.

smtpd_hard_error_limit : number of errors until the connection is terminated entirely. Defaults to 20.  If you pay attention to the open relay test you'll see that the connection gets shut down after the 20th failure.

So postfix isn't slow, it's just trying to help you out.  This behavior has been useful for me, because I've got one or two persistant scumbags who like to perform dictionary attacks against one of my virtual domains.   I've cut both the error limits in half to further hinder their efforts.[/b]

----------

## Dhar

Good to know..thanks!  (I never did get around to reading the docs on this issue...  :Embarassed:  )

-g.

----------

## violator

Any ideas what this is, and how to fix it?

```

Jan 31 18:49:01 dark postfix/smtpd[21208]: TLS connection established from unknown[192.168.0.32]: TLSv1 with cipher RC4-MD5 (128/128 bits)

Jan 31 18:49:01 dark kernel: grsec: signal 6 sent to (saslauthd:12456) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Jan 31 18:49:01 dark kernel: grsec: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (saslauthd:12456) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Jan 31 18:49:01 dark postfix/smtpd[21208]: warning: SASL authentication failure: size read failed

Jan 31 18:49:01 dark postfix/smtpd[21208]: warning: unknown[192.168.0.32]: SASL LOGIN authentication failed

```

----------

## bcressey

Looks like a grsec issue, more so than a postfix/TLS one.  Based on this error message I'd say that saslauthd is trying to read a file and your grsec ACLs are denying access.

You may want to start a new thread with your issue in the topic, so that others will see your question and maybe someone else can take a stab at it.

----------

