[exim] Slow mail processing with some addresses.

Top Pagina
Delete this message
Reply to this message
Auteur: Danny Carroll
Datum:  
Aan: exim-users
Onderwerp: [exim] Slow mail processing with some addresses.
Hello all,

I'm seeing somthing strange with a mail server I am upgrading.
I am rebuilding the 2 year old mail server and in the process I am going
from exim 4.12 to 4.42.

I've setup a unseen manual route to test the system before cutover.

I am seeing slow mail processing with some addresses (domains I think). All
of the messages that are stalling, look to me to be spam (I get a lot of
spam because I am playing around with anti-spam techniques).

My old mail server is holding some messages in the queue becuase the new one
is timing out after the MAIL TO: line.
The exact message in the old mail server log is.
-------------------
2004-10-06 15:40:38 1CFBDK-000GNi-00 == rosiesdiner@???
R=octopustest T=remote_smtp defer (60): Operation timed out: SMTP timeout
while connected to 192.168.10.1 [192.168.10.1] after MAIL
FROM:<Alejandro@???> SIZE=20033


When I transfer the message manually with telnet the SMTP session looks like
this:
-------------------
220 mail.dannysplace.net ESMTP Exim 4.42 Wed, 06 Oct 2004 17:37:34 +0200
HELO mail.dannysplace.net
250 mail.dannysplace.net Hello mail [192.168.1.4]
MAIL FROM:Alejandro@???
250 OK
HELP
214-Commands supported:
214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
RCPT TO:danny@???
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
--<SNIP DATA>--
.

250 OK id=1CFDvx-0005Vj-RH
QUIT


Now, the strange thing is after I type the RCPT TO: line, it takes about 2-3
minutes to respond. This ONLY happens with some sender addresses. Most of
the time it takes less than a second to send back the 250 OK message.

On the new server I see:
-------------------
# grep 1CFDvx-0005Vj-RH /var/log/exim/mainlog
2004-10-06 17:43:07 1CFDvx-0005Vj-RH <= Alejandro@??? H=mail
(mail.dannysplace.net) [192.168.1.4] P=smtp S=18627
2004-10-06 17:43:08 1CFDvx-0005Vj-RH => |/usr/local/bin/procmail -f-
/usr/virtmail/dannysplace.net/danny/.procmailrc <danny@???>
R=virtual_userforward T=address_pipe
2004-10-06 17:43:08 1CFDvx-0005Vj-RH Completed

This is normal...

So my question is, what does exim do, after getting the RCPT TO: line? If
it's some recipient check that I have setup then I will gladly alter it so
that the session does not timeout.
My first thought was the DNS lists I use but it's strange that I have been
able to reproduce this every time I try and use the same ipotrades.us
address.

I'd appreciate any suggestions on how I'd go about troublshooting this
further.

My ACL looks like this:
begin acl

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.

acl_check_rcpt:

  accept  hosts = :
  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender
  deny     message       = rejected because $sender_host_address is in a
black list at $dnslist_domain\n$dnslist_text
           log_message   = found in $dnslist_domain
           dnslists      = list.dsbl.org : \
                           unconfirmed.dsbl.org : \
                           multihop.dsbl.org : \
                           relays.ordb.org :\
                           bl.spamcop.net
  accept  domains       = +local_domains
          endpass
          verify        = recipient
  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient
  accept  hosts         = +relay_from_hosts
  accept  authenticated = *
  deny    message       = relay not permitted



acl_check_mime:
  warn decode = default
  deny message = Blacklisted file extension detected
       condition = ${if match \
                        {${lc:$mime_filename}} \
                        {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
                     {1}{0}}
  deny message = Sorry, noone speaks chinese here
       condition = ${if eq{$mime_charset}{gb2312}{1}{0}}
  accept



acl_check_content:
  deny  message = This message contains malware ($malware_name)
        malware = *
  warn  message = X-Spam-Score: $spam_score ($spam_bar)
        spam = nobody:true
  warn  message = X-Spam-Report: $spam_report
        spam = nobody:true
  warn message = X-Spam-Flag: YES
       spam = nobody
  deny  message = This message scored $spam_score points. Congratulations!
        spam = nobody:true
        condition = ${if >{$spam_score_int}{100}{1}{0}}
  accept