#1  
Old 10th June 2010, 18:25
pedrovalmor pedrovalmor is offline
Junior Member
 
Join Date: May 2010
Posts: 20
Thanks: 4
Thanked 0 Times in 0 Posts
Default Faster Postfix problems

Hello all,

I did the "Perfect Server Ubuntu 9.10 Server ISPConfig 3" and I need a faster postfix to send and receive emails in max 10 minutes of delay.
The main.cf its like the tutorial...
This is the master.cf

Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -        50      smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       60      1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1?      0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       50      smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_bind_address=127.0.0.1
I change this and sometimes I have 200 requests in queue

see:

flush to 1 s
smtp to 100
smtpd to 50
qmgr to 60 s

This is the better what I can do to solve my problem?

thanks!
Reply With Quote
Sponsored Links
  #2  
Old 10th June 2010, 20:25
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,504
Thanks: 813
Thanked 5,265 Times in 4,129 Posts
Default

The default setup is already relatively fast, it handles several thound emails per hour on normal hardware.

1) How many emails do you get per hour?
2) Please run the command "top" on the shell and post a screenshot of it.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 10th June 2010, 21:21
pedrovalmor pedrovalmor is offline
Junior Member
 
Join Date: May 2010
Posts: 20
Thanks: 4
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till View Post
The default setup is already relatively fast, it handles several thound emails per hour on normal hardware.

1) How many emails do you get per hour?
2) Please run the command "top" on the shell and post a screenshot of it.
Thanks for answer Till

1) 600 per hour more or less, or 10 per minute
I have 50 workstations with send and receive too much emails becouse its a import/export business.

2) This is the "top"
Code:
top - 16:17:49 up 9 days, 16:10,  1 user,  load average: 0.05, 0.16, 0.14
Tasks: 172 total,   1 running, 162 sleeping,   9 stopped,   0 zombie
Cpu(s):  5.7%us,  0.8%sy,  0.0%ni, 88.7%id,  4.6%wa,  0.0%hi,  0.2%si,  0.0%st
Mem:   4048772k total,  3974364k used,    74408k free,   227992k buffers
Swap: 11857912k total,    29492k used, 11828420k free,  2495812k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND                                                                                         
18552 amavis    20   0  206m  83m 4176 S    9  2.1   0:07.73 amavisd-new                                                                                     
 2008 proxy     20   0  172m 150m 1732 S    1  3.8  40:50.06 squid                                                                                           
18445 amavis    20   0  207m  83m 3808 S    1  2.1   0:08.67 amavisd-new                                                                                     
 1965 root      20   0 81992  25m 1164 S    0  0.6   0:04.03 saslauthd                                                                                       
 7265 clamav    20   0  245m 138m 1272 S    0  3.5   7:45.11 clamd                                                                                           
19099 root      20   0 19136 1388  992 R    0  0.0   0:00.05 top                                                                                             
19113 postfix   20   0 56512 2972 2296 S    0  0.1   0:00.01 smtp                                                                                            
22014 postfix   20   0  103m 4696 3460 S    0  0.1   0:01.12 smtpd                                                                                           
    1 root      20   0 19320 1484 1092 S    0  0.0   0:01.27 init                                                                                            
    2 root      15  -5     0    0    0 S    0  0.0   0:00.00 kthreadd                                                                                        
    3 root      RT  -5     0    0    0 S    0  0.0   0:02.30 migration/0                                                                                     
    4 root      15  -5     0    0    0 S    0  0.0   0:04.31 ksoftirqd/0                                                                                     
    5 root      RT  -5     0    0    0 S    0  0.0   0:00.00 watchdog/0                                                                                      
    6 root      RT  -5     0    0    0 S    0  0.0   0:02.14 migration/1                                                                                     
    7 root      15  -5     0    0    0 S    0  0.0   0:09.35 ksoftirqd/1                                                                                     
    8 root      RT  -5     0    0    0 S    0  0.0   0:00.00 watchdog/1                                                                                      
    9 root      15  -5     0    0    0 S    0  0.0   0:00.15 events/0                                                                                        
   10 root      15  -5     0    0    0 S    0  0.0   0:00.18 events/1                                                                                        
   11 root      15  -5     0    0    0 S    0  0.0   0:00.00 cpuset                                                                                          
   12 root      15  -5     0    0    0 S    0  0.0   0:00.00 khelper                                                                                         
   13 root      15  -5     0    0    0 S    0  0.0   0:00.00 netns                                                                                           
   14 root      15  -5     0    0    0 S    0  0.0   0:00.00 async/mgr                                                                                       
   15 root      15  -5     0    0    0 S    0  0.0   0:00.00 kintegrityd/0                                                                                   
   16 root      15  -5     0    0    0 S    0  0.0   0:00.00 kintegrityd/1                                                                                   
   17 root      15  -5     0    0    0 S    0  0.0   0:00.53 kblockd/0                                                                                       
   18 root      15  -5     0    0    0 S    0  0.0   0:00.68 kblockd/1                                                                                       
   19 root      15  -5     0    0    0 S    0  0.0   0:00.00 kacpid                                                                                          
   20 root      15  -5     0    0    0 S    0  0.0   0:00.00 kacpi_notify                                                                                    
   21 root      15  -5     0    0    0 S    0  0.0   0:00.00 kacpi_hotplug                                                                                   
   22 root      15  -5     0    0    0 S    0  0.0   0:00.00 ata/0                                                                                           
   23 root      15  -5     0    0    0 S    0  0.0   0:00.00 ata/1                                                                                           
   24 root      15  -5     0    0    0 S    0  0.0   0:00.00 ata_aux                                                                                         
   25 root      15  -5     0    0    0 S    0  0.0   0:00.00 ksuspend_usbd                                                                                   
   26 root      15  -5     0    0    0 S    0  0.0   0:00.01 khubd                                                                                           
   27 root      15  -5     0    0    0 S    0  0.0   0:00.00 kseriod                                                                                         
   28 root      15  -5     0    0    0 S    0  0.0   0:00.00 kmmcd                                                                                           
   29 root      15  -5     0    0    0 S    0  0.0   0:00.00 bluetooth                                                                                       
   30 root      20   0     0    0    0 S    0  0.0   0:00.00 khungtaskd                                                                                      
   31 root      20   0     0    0    0 S    0  0.0   0:00.00 pdflush                                                                                         
   32 root      20   0     0    0    0 S    0  0.0   0:27.05 pdflush                                                                                         
   33 root      15  -5     0    0    0 S    0  0.0   0:05.34 kswapd
Thanks
Reply With Quote
  #4  
Old 10th June 2010, 21:29
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,504
Thanks: 813
Thanked 5,265 Times in 4,129 Posts
Default

10 per minute are very few for this setup, it should not take longer then 10 - 15 seconds for a email to get deliveredand your system is not under high load.

The most likely reason for the delays are dns problems. Eg. if your server is not able to respolve domain names or some kind of firewall in your network blocks outgoing connections from the server to the internet. The spamfilter queries several external services and if you block these queries with a firewall, the system will wait until the connections time out which slows down the delivery process a lot.

1) Install all available ubuntu updates.
2) Run the command "sa-update" to update the spamassassin and restart amavisd afterwards.
3) Make sure that you have more then one external DNS Server in /etc/resolv.conf and that all of these servers are reachable and working.
4) Make sure that you have not blocked outgoing connections from the server to the internet.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 10th June 2010, 21:47
pedrovalmor pedrovalmor is offline
Junior Member
 
Join Date: May 2010
Posts: 20
Thanks: 4
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till View Post
10 per minute are very few for this setup, it should not take longer then 10 - 15 seconds for a email to get deliveredand your system is not under high load.

The most likely reason for the delays are dns problems. Eg. if your server is not able to respolve domain names or some kind of firewall in your network blocks outgoing connections from the server to the internet. The spamfilter queries several external services and if you block these queries with a firewall, the system will wait until the connections time out which slows down the delivery process a lot.

1) Install all available ubuntu updates.
2) Run the command "sa-update" to update the spamassassin and restart amavisd afterwards.
3) Make sure that you have more then one external DNS Server in /etc/resolv.conf and that all of these servers are reachable and working.
4) Make sure that you have not blocked outgoing connections from the server to the internet.
1) updated
2) done
3) I change the DNS of my provider to OpenDNS, it's good right? Done!
4) What's outgoing connection you mean?

well, this is my rc.local with all firewall entrances:
Code:
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# share the internet
modprobe iptable_nat
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A INPUT -i eth0 -p tcp --dport 3128 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

# ACCEPT TCP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -p tcp --dport 20 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 1521 -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp --dport 3389 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 10000 -j ACCEPT
iptables -A INPUT -p tcp -d 200.255.125.214 -j ACCEPT

# ACCEPT UDP
iptables -A INPUT -p udp --dport 21 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 1521 -j ACCEPT
iptables -A INPUT -p udp --dport 3306 -j ACCEPT
iptables -A INPUT -p udp --dport 3389 -j ACCEPT

# REDIRECT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 172.19.57.1:3128

# PROTECTIONS
echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
iptables -A INPUT -m state --state INVALID -j DROP

# DROP
iptables -A INPUT -p tcp --syn -j DROP
Just to know, I have squid in this server too, and listen in eth0 (local network)

Thanks Till
Reply With Quote
  #6  
Old 10th June 2010, 21:57
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,504
Thanks: 813
Thanked 5,265 Times in 4,129 Posts
Default

Quote:
4) What's outgoing connection you mean?
The spamfilter uses several internet services like dns blacklists to check if a email is spam. So make sure that no outgoing connections from the server to the internet are blocked. If they are blocked you will see a massive slowdown in mail delivery, as every mail ge stuck in the queue untill all connection attempts are timed out.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
pedrovalmor (10th June 2010)
  #7  
Old 10th June 2010, 22:11
pedrovalmor pedrovalmor is offline
Junior Member
 
Join Date: May 2010
Posts: 20
Thanks: 4
Thanked 0 Times in 0 Posts
 
Default

Works great now!!

this was the problem, I forget to put this:
Code:
# OUTPUT
iptables -A INPUT -i lo -j ACCEPT
and now I can receive and send faster than ever!!!

thanks Till

Last edited by pedrovalmor; 11th June 2010 at 20:07.
Reply With Quote
Reply

Bookmarks

Tags
postfix faster

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ERROR: Connection dropped by IMAP server. [Centos 5.4, courier imap,squirrel, etc] darevil HOWTO-Related Questions 7 9th June 2010 14:49
Postfix not responding to telnet CarbonCopy Server Operation 6 8th May 2009 05:39
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 06:44.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.