[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re:Why are sendmail timeout settings commented-out on RaQ3

On Thu, 8 Mar 2001, Craig St George wrote:

> 
>  >I'm wondering why those connections are kept open so long.. why don't 
> 
> I think the ones to change are
> Timeout.rcpt=1h

How long to wait for username to verify
Minimum rfc value, 5 min, this is too short tho, if the user is part of a
list, or really somewhere else it can take this long, however 15 min is
probably reasonable, if it takes more than that to just check a username
the remote server is probably hosed beyond help...

> Timeout.datablock=1h

This is for *reading* mail, ..some folks set this at 30min,
sometimes this makes things worse instead of better, remember that failed
deliveries will retry, causeing more load later..

> Timeout.datafinal=1h

*NEVER* shorten this one, it can cause duplicate messages , this is a
protocol vagueness in how errors are handled when they occur exactly at
the end of a message (eg , the entire message was recieved successfully,
but the other end went away before saying so)

(having said that, it seems to be common for it to hang there, this is
when the recieved email is being filed to the disk, if the machine is disk
bound this can take a while)

> Timeout.command=1h

You can shorten this somewhet, it's usually a bad sign when the remote end
suddenly stops responding to commands, waiting an hour isn't imho
reasonable, min rfc value is 5m, i'd go for 15 or so

> I know that I can lowever these but are not sure if I lower them to 10 
> minutes for example with this affect users on a dial up send 2 or 3 MB files

The size of the mail shouldn't have any effect on the timeouts, they apply
mostly when nothing is happening, eg, the datablock read limit is for when
data stops arriving, as long as they manage to spew at least a little data
per minute they will avoid the timeout...

> If anyone has ideas on this let us know
> I have searched the archives and found a few ideas on this

If you are mostly having problems with sendmail refusing more connections,
, and you have reasonable resources available (eg free memory) you might
be better off tweaking these

# load average at which we just queue messages
O QueueLA=15

# load average at which we refuse connections
O RefuseLA=20

# maximum number of children we allow at one time
O MaxDaemonChildren=12
--
The problem with the defaults is that having 12 children reading a stuck
connection will in fact generate a load average of 12 in and of itself, so
sendmail is limiting based on it's own activity as much as the
systems,even tho the system may
well be idle (tho it may not)

I don't see any real reason why a machine with say 256M or memory can't
handle a much larger child count, and probably a somewhat higher
loadaverage limit, tho be carefull, if you make that too high and you are
also doing things like serving web pages you can bury the machine...


Also, as long as you are poking about in there, you might want to consider

AllowBogusHELO=False       (require connecting server to say who it is)
#O MaxRecipientsPerMessage=100 (smaller of you don't normally have
people on do-it-yourself mailing lists)

Which can be helpfull for spam control...

gsh