Thread: Slow sending from client with qmail
View Single Post

  #4 (permalink)  
Old 04-20-2004
Brian T Glenn
 
Posts: n/a
Default Re: Slow sending from client with qmail
On Tue, 20 Apr 2004 15:03:15 +1000, Tony <tony@no_spam.invalid> may have written:
> On Tue, 20 Apr 2004 00:04:28 +0000, Brian T Glenn wrote:
> > Are you using any DNSBLs that might not be resolving properly? Are
> > you trying to do reverse DNS lookups on the clients and there is no
> > reverse DNS configured for their IP?
>
> I do not currently use reverse DNS on the clients but I used to (Redoing
> the network). However my box has a reverse DNS entry but it is still slow.

It doesn't have anything to do with the clients themselves. Unless you
pass the -H option to the tcpserver that starts qmail-smtpd, it will
attempt to find a PTR for the address of the client connecting to it. If
these are RFC1918 addresses and the queries get passed to the Internet
(instead of a local nameserver with correct data) chances are you will
have to wait on a timeout.

> I have been using DNSBL lists:
>
> relays.ordb.org
> bl.spamcop.net
> rdts.bl.reynolds.net.au
>
> I will check if they are slowing things down but I thaught that these
> only got invoked during receipt of Email from outside.
>
> Just checked...
>
> The DNS server reported that it refuses to respond to the query. There's
> a problem with the DNS server for bl.spamcop.net.
>
> Tried the reynolds one...
>
> The ordb one does respond.

You can stop lookups on your own clients' IP addresses by creating a
line in /etc/tcp.smtp as follows:

192.168.:allow,RBLSMTPD=""

> From memory you can not do a direct lookup with a tool but I think
> the slowdown is due to load on these blocklist servers.

dig a 2.0.0.127.bl.spamcop.net

> If the lookups are invoked when local machines send Email, how
> to "exempt" internal addresses (Clients)?

See above for the tcpserver line that will stop DNSBL on client
addresses.

> > No, it connects via SMTP just like any other client. Only programs
> > residing on the mailserver itself can queue mail directly.
>
> OK, you are right, I wrote that without thinking to much..:-))

One or both of these problems is causing your slowdowns it seems. If you
don't care about reverse DNS, simple add -H to tcpserver and it will
stop checking.

For the DNSBLs, you will have to make a policy decision on whether or
not you want to lookup client IPs. If they are RFC1918 IPs, the answer
is definitely no.

--
Brian T Glenn
delink.net Internet Services
Reply With Quote