Hello all, I did the "Perfect Server Ubuntu 9.10 Server ISPConfig 3" and I need a faster postfix to send and receive emails in max 10 minutes of delay. The main.cf its like the tutorial... This is the master.cf Code: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - 50 smtpd #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 60 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - 50 smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1 I change this and sometimes I have 200 requests in queue see: flush to 1 s smtp to 100 smtpd to 50 qmgr to 60 s This is the better what I can do to solve my problem? thanks!
The default setup is already relatively fast, it handles several thound emails per hour on normal hardware. 1) How many emails do you get per hour? 2) Please run the command "top" on the shell and post a screenshot of it.
Thanks for answer Till 1) 600 per hour more or less, or 10 per minute I have 50 workstations with send and receive too much emails becouse its a import/export business. 2) This is the "top" Code: top - 16:17:49 up 9 days, 16:10, 1 user, load average: 0.05, 0.16, 0.14 Tasks: 172 total, 1 running, 162 sleeping, 9 stopped, 0 zombie Cpu(s): 5.7%us, 0.8%sy, 0.0%ni, 88.7%id, 4.6%wa, 0.0%hi, 0.2%si, 0.0%st Mem: 4048772k total, 3974364k used, 74408k free, 227992k buffers Swap: 11857912k total, 29492k used, 11828420k free, 2495812k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 18552 amavis 20 0 206m 83m 4176 S 9 2.1 0:07.73 amavisd-new 2008 proxy 20 0 172m 150m 1732 S 1 3.8 40:50.06 squid 18445 amavis 20 0 207m 83m 3808 S 1 2.1 0:08.67 amavisd-new 1965 root 20 0 81992 25m 1164 S 0 0.6 0:04.03 saslauthd 7265 clamav 20 0 245m 138m 1272 S 0 3.5 7:45.11 clamd 19099 root 20 0 19136 1388 992 R 0 0.0 0:00.05 top 19113 postfix 20 0 56512 2972 2296 S 0 0.1 0:00.01 smtp 22014 postfix 20 0 103m 4696 3460 S 0 0.1 0:01.12 smtpd 1 root 20 0 19320 1484 1092 S 0 0.0 0:01.27 init 2 root 15 -5 0 0 0 S 0 0.0 0:00.00 kthreadd 3 root RT -5 0 0 0 S 0 0.0 0:02.30 migration/0 4 root 15 -5 0 0 0 S 0 0.0 0:04.31 ksoftirqd/0 5 root RT -5 0 0 0 S 0 0.0 0:00.00 watchdog/0 6 root RT -5 0 0 0 S 0 0.0 0:02.14 migration/1 7 root 15 -5 0 0 0 S 0 0.0 0:09.35 ksoftirqd/1 8 root RT -5 0 0 0 S 0 0.0 0:00.00 watchdog/1 9 root 15 -5 0 0 0 S 0 0.0 0:00.15 events/0 10 root 15 -5 0 0 0 S 0 0.0 0:00.18 events/1 11 root 15 -5 0 0 0 S 0 0.0 0:00.00 cpuset 12 root 15 -5 0 0 0 S 0 0.0 0:00.00 khelper 13 root 15 -5 0 0 0 S 0 0.0 0:00.00 netns 14 root 15 -5 0 0 0 S 0 0.0 0:00.00 async/mgr 15 root 15 -5 0 0 0 S 0 0.0 0:00.00 kintegrityd/0 16 root 15 -5 0 0 0 S 0 0.0 0:00.00 kintegrityd/1 17 root 15 -5 0 0 0 S 0 0.0 0:00.53 kblockd/0 18 root 15 -5 0 0 0 S 0 0.0 0:00.68 kblockd/1 19 root 15 -5 0 0 0 S 0 0.0 0:00.00 kacpid 20 root 15 -5 0 0 0 S 0 0.0 0:00.00 kacpi_notify 21 root 15 -5 0 0 0 S 0 0.0 0:00.00 kacpi_hotplug 22 root 15 -5 0 0 0 S 0 0.0 0:00.00 ata/0 23 root 15 -5 0 0 0 S 0 0.0 0:00.00 ata/1 24 root 15 -5 0 0 0 S 0 0.0 0:00.00 ata_aux 25 root 15 -5 0 0 0 S 0 0.0 0:00.00 ksuspend_usbd 26 root 15 -5 0 0 0 S 0 0.0 0:00.01 khubd 27 root 15 -5 0 0 0 S 0 0.0 0:00.00 kseriod 28 root 15 -5 0 0 0 S 0 0.0 0:00.00 kmmcd 29 root 15 -5 0 0 0 S 0 0.0 0:00.00 bluetooth 30 root 20 0 0 0 0 S 0 0.0 0:00.00 khungtaskd 31 root 20 0 0 0 0 S 0 0.0 0:00.00 pdflush 32 root 20 0 0 0 0 S 0 0.0 0:27.05 pdflush 33 root 15 -5 0 0 0 S 0 0.0 0:05.34 kswapd Thanks
10 per minute are very few for this setup, it should not take longer then 10 - 15 seconds for a email to get deliveredand your system is not under high load. The most likely reason for the delays are dns problems. Eg. if your server is not able to respolve domain names or some kind of firewall in your network blocks outgoing connections from the server to the internet. The spamfilter queries several external services and if you block these queries with a firewall, the system will wait until the connections time out which slows down the delivery process a lot. 1) Install all available ubuntu updates. 2) Run the command "sa-update" to update the spamassassin and restart amavisd afterwards. 3) Make sure that you have more then one external DNS Server in /etc/resolv.conf and that all of these servers are reachable and working. 4) Make sure that you have not blocked outgoing connections from the server to the internet.
1) updated 2) done 3) I change the DNS of my provider to OpenDNS, it's good right? Done! 4) What's outgoing connection you mean? well, this is my rc.local with all firewall entrances: Code: #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. # share the internet modprobe iptable_nat iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A INPUT -i eth0 -p tcp --dport 3128 -j ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward # ACCEPT TCP iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i eth0 -j ACCEPT iptables -A INPUT -p tcp --dport 20 -j ACCEPT iptables -A INPUT -p tcp --dport 21 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 53 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 110 -j ACCEPT iptables -A INPUT -p tcp --dport 143 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables -A INPUT -p tcp --dport 1521 -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -j ACCEPT iptables -A INPUT -p tcp --dport 3389 -j ACCEPT iptables -A INPUT -p tcp --dport 8080 -j ACCEPT iptables -A INPUT -p tcp --dport 10000 -j ACCEPT iptables -A INPUT -p tcp -d 200.255.125.214 -j ACCEPT # ACCEPT UDP iptables -A INPUT -p udp --dport 21 -j ACCEPT iptables -A INPUT -p udp --dport 53 -j ACCEPT iptables -A INPUT -p udp --dport 1521 -j ACCEPT iptables -A INPUT -p udp --dport 3306 -j ACCEPT iptables -A INPUT -p udp --dport 3389 -j ACCEPT # REDIRECT iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 172.19.57.1:3128 # PROTECTIONS echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter iptables -A INPUT -m state --state INVALID -j DROP # DROP iptables -A INPUT -p tcp --syn -j DROP Just to know, I have squid in this server too, and listen in eth0 (local network) Thanks Till
The spamfilter uses several internet services like dns blacklists to check if a email is spam. So make sure that no outgoing connections from the server to the internet are blocked. If they are blocked you will see a massive slowdown in mail delivery, as every mail ge stuck in the queue untill all connection attempts are timed out.
Works great now!! this was the problem, I forget to put this: Code: # OUTPUT iptables -A INPUT -i lo -j ACCEPT and now I can receive and send faster than ever!!! thanks Till
