Re: Proxymap takes 99% CPU
biliis wrote:
> Hi
>
> I use postfix-2.1.5-3.4 on SuSE Linux 9.2. It serves ~80 users and
> works
> pretty fine. But 5-10 times a day, it starts a proxymap which then does
> not terminate and uses 99% CPU. In /var/log/messages, I see this after
> proxymap starts:
>
> Dec 5 04:28:52 zeus postfix/smtpd[2666]: warning: premature
> end-of-input on private/proxymap socket while reading input attribute
> name
> Dec 5 04:28:52 zeus postfix/smtpd[32516]: warning: premature
> end-of-input on private/proxymap socket while reading input attribute
> name
> Dec 5 04:28:52 zeus postfix/smtpd[1808]: warning: premature
> end-of-input on private/proxymap socket while reading input attribute
> name
> Dec 5 04:28:52 zeus postfix/smtpd[32516]: warning: dict_proxy_lookup:
> service private/proxymap socket: Connection reset by peer
> Dec 5 04:28:52 zeus postfix/smtpd[2666]: warning: dict_proxy_lookup:
> service private/proxymap socket: Connection reset by peer
> Dec 5 04:28:52 zeus postfix/smtpd[1808]: warning: dict_proxy_lookup:
> service private/proxymap socket: Connection reset by peer
> Dec 5 04:28:52 zeus postfix/smtpd[3046]: warning: premature
> end-of-input on private/proxymap socket while reading input attribute
> name
>
> Accounts are being retrieved from /etc/passwd so there is no database
> involved here.
> As far as I can see the proxymap service is not necesary for this kind
> of setup (postfix isn't chroot'ed and no DBMS for the accounts). Can I
> comment the service out in the master.cf? Any drawbacks from this?
>
> Many thanks for any suggestions.
>
> Bill
It's not a requirement to use proxymap. It's used for 2 things:
* To overcome access limitations in chrooted Postfix environments.
* To consolidate the number of open lookup tables by sharing one
open table among multiple processes.
The 2nd usage listed is very good to use, especially when you have
heavy Postfix traffic. They way it's implemented, is in main.cf, add proxy: to
any table lookups, for example:
old:
hash:/etc/postfix/access
new:
proxy:hash:/etc/postfix access
Also, for every table that you use proxy for, there needs
to be a match for it in proxy_read_maps. Some examples:
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps
$virtual_alias_domains
$relay_recipient_maps $relay_domains $canonical_maps
$sender_canonical_maps $recipient_canonical_maps $relocated_maps
$transport_maps $mynetworks
proxy:hash:/etc/postfix/access
proxy:cidr:/etc/postfix/cidr
proxy:hash:/etc/postfix/helo
proxy:hash:/etc/postfix/virtual
proxy:hash:/etc/postfix/canonical
proxy:hash:/etc/postfix/rejectmydomains
proxy:hash:/etc/postfix/spoof_sender_map
proxy:hash:/etc/postfix/senders.local
proxy:hash:/etc/postfix/spoof_client_map
proxy:regexp:/etc/postfix/strict_client.regexp
proxy:pcre:/etc/postfix/header_checks
proxy:pcre:/etc/postfix/pcre_body
proxy:pcre:/etc/postfix/body_checks
proxy:pcre:/etc/postfix/access.pcre
You don't have to use proxymap if you don't want to. And it
can be commented out in master.cf. But first be sure there are no
references to it in main.cf.
--
Greg
|