'Re: [Qmail-scanner-general]many scanner processes never exit'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qmail-scanner-general
Subject:    Re: [Qmail-scanner-general]many scanner processes never exit
From:       John Simpson <jms1 () jms1 ! net>
Date:       2006-04-19 14:33:18
Message-ID: 1EF2B6EB-60E1-4D75-B3C8-FA93FA99F923 () jms1 ! net
[Download RAW message or body]

On 2006-04-18, at 1940, Jesse Sanford wrote:
>
> They appear to hang after the attempt to dump the msg into the  
> working Maildir.
>
> From qmail-smtpd log:
>
> 2006-04-17 14:00:52.430491500 tcpserver: pid 9220 from 128.32.61.106
> 2006-04-17 14:00:52.447959500 tcpserver: ok 9220  
> mail.seedboxconnect.com:10.0.0.3:25 smtp-out1.berkeley.edu: 
> 128.32.61.106::37978
>
> From qmail-queue.log:
>
> Mon, 17 Apr 2006 14:00:53 PDT:9221: +++ starting debugging for  
> process 9221 by uid=89
> Mon, 17 Apr 2006 14:00:53 PDT:9221: setting UID to EUID so  
> subprocesses can access files generated b
> y this script
> Mon, 17 Apr 2006 14:00:53 PDT:9221: program name is qmail-scanner- 
> queue.pl, version 2.00
> Mon, 17 Apr 2006 14:00:53 PDT:9221: w_c: mkdir /var/spool/qscan// 
> tmp/seedboxconnect.com1145307653540
> 9221
> Mon, 17 Apr 2006 14:00:53 PDT:9221: w_c: start dumping incoming msg  
> into /var/spool/qscan//working/t
> mp/seedboxconnect.com11453076535409221 [0.002144]
>
>
> Dir /var/spool/qscan//tmp/seedboxconnect.com1145307653540 is empty  
> as is the file in working/tmp:
>
> -rw-rw----  1 qscand qscand     0 Apr 17 14:00  
> seedboxconnect.com11453076535409221
>
> Other info: softlimit is 40000000, which the FAQ suggests is higher  
> than necessary.  Not sure if that could have side effects here.   
> Most of the zero-length entries in working/tmp trace back to a log  
> pattern like the one above.  There are also some 24+ hour-old non- 
> zero files but they are far fewer in number.  Originating smtp  
> servers vary.

i haven't used a "softlimit" at all. most people use it because  
they're copying an install guide which has it in there. it's only  
there because it is theoretically possible to cause a denial of  
service through memory exhaustion, but in seven years of building and  
running qmail systems, i have yet to hear of it happening.

try removing the "softlimit nnnn" portion of the command line. it may  
help, or it may have no effect at all- but it's certainly worth trying.

> Thanks again for any suggestions.  Maybe qmail-smtpd can be  
> compiled with a debug mode to log its smtp conversations -- could  
> let me track what is supposed to be transmitted.  Looking into that  
> next.

there is no such option for qmail-smtpd itself. there is, however, a  
program called "recordio" (part of the ucspi-tcp package, if you have  
"tcpserver" then you also have "recordio") which can be added to the  
"exec tcpserver ... qmail-smtpd" command line, which will cause the  
SMTP conversation to be written to the qmail-smtpd log file.

	http://cr.yp.to/ucspi-tcp/recordio.html

the place to insert it would be directly in front of "qmail-smtpd" on  
the command line, or if you're also using rblsmtpd and you want to  
watch rblsmtpd working as well as qmail-smtpd, then insert it just  
before "rblsmtpd" on the command line. (and wherever you insert it,  
don't forget to restart the qmail-smtpd service using "svc -t" after  
changing the "run" script.)

a few things to be aware of:

(1) using recordio will make the log file grow much larger than it  
normally does. once you're done with it, don't forget to pull it out  
of the command line (and restart the qmail-smtpd service, of course.)

(2) if the connection is encrypted, recordio will probably log the  
encrypted garbage- which doesn't help you any, and which uses 2-3  
times more disk space than just logging the SMTP conversation normally.

(3) if you are using AUTH, the actual AUTH commands will be logged as  
well. for the AUTH PLAIN or AUTH LOGIN methods, the command you see  
in the log can be decoded to find the password. be careful with who  
has access to the log files.

it may also help to manually walk through an SMTP session. i actually  
wrote this page to explain how to test the AUTH command, but it does  
show how to manually do an SMTP transaction. if you're not using  
AUTH, you can ignore the AUTH-related stuff, and after doing your  
EHLO command, jump directly to the end of the page with the MAIL  
FROM, RCPT TO, and DATA commands.

	http://qmail.jms1.net/test-auth.shtml

--------------------------------------------------
| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/           <jms1@jms1.net> |
--------------------------------------------------
| Mac OS X proves that it's easier to make UNIX  |
| pretty than it is to make Windows secure.      |
--------------------------------------------------



["PGP.sig" (application/pgp-signature)]
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Qmail-scanner-general mailing list
Qmail-scanner-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic