smtp helo & connection timeouts -- increasing values

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

smtp helo & connection timeouts -- increasing values

Dr. Ed Morbius
Several of our peer mail systems (outbound) seem to take a while responding to initial SMTP connections.

Is there any particularly dread pitfall to watch out for in bumping these values up?  20s for connection, 40s for HELO is where we're at presently.

My main fear would be resource exhaustion, though this seems like it would be a low risk.

If there are saner ways of going about this (e.g.: secondary delivery queues, etc.) I'd be interested in hearing about them.  Though the approach we've taken appears simple and effective so far.

Thanks.

--
Dr. Ed Morbius
Chief Scientist / Philologist / Robot Wrangler / Powerplant Operator
Krell Power Systems Unlimited

Reply | Threaded
Open this post in threaded view
|

Re: smtp helo & connection timeouts -- increasing values

Ralf Hildebrandt
* Edward Morbius <[hidden email]>:
> Several of our peer mail systems (outbound) seem to take a while responding
> to initial SMTP connections.

That happens if:

* your dns is slow (reverse lookups of the client IP)
* all your SMTPD processes are in use
 
> Is there any particularly dread pitfall to watch out for in bumping these
> values up?  20s for connection, 40s for HELO is where we're at presently.

Which values exactly?

--
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  [hidden email] | http://www.charite.de
           
Reply | Threaded
Open this post in threaded view
|

Re: smtp helo & connection timeouts -- increasing values

Viktor Dukhovni
In reply to this post by Dr. Ed Morbius
On Mon, Oct 17, 2011 at 07:17:18PM -0700, Edward Morbius wrote:

> Several of our peer mail systems (outbound) seem to take a while responding
> to initial SMTP connections.
>
> Is there any particularly dread pitfall to watch out for in bumping these
> values up?  20s for connection, 40s for HELO is where we're at presently.

These values are well below Postfix built-in defaults.

        $ postconf -d | grep '^smtp_' | grep '_timeout ='
        smtp_connect_timeout = 30s
        smtp_data_done_timeout = 600s
        smtp_data_init_timeout = 120s
        smtp_data_xfer_timeout = 180s
        smtp_helo_timeout = 300s
        smtp_mail_timeout = 300s
        smtp_quit_timeout = 300s
        smtp_rcpt_timeout = 300s
        smtp_rset_timeout = 20s
        smtp_starttls_timeout = 300s
        smtp_tls_session_cache_timeout = 3600s
        smtp_xforward_timeout = 300s

You could probably raise your timelimits.

However, if your outbound server is regularly not keeping up with
the lower timeouts you quote, you really need to fix that.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: smtp helo & connection timeouts -- increasing values

Dr. Ed Morbius
Good to know.

I think we've addressed the problem, but it's nice to know we've got a lot of headroom to move up.  Total traffic is ~40k messages/day, and our big sticking point's been Yahoo though we've been talking with them and may be doing better (hopefully lots better).

The slow connections are mostly smaller clients with low delivery rates, and we're suspecting under-provisioned MS Exchange servers and the like.

Thanks.

On Tue, Oct 18, 2011 at 8:25 AM, Viktor Dukhovni <[hidden email]> wrote:
On Mon, Oct 17, 2011 at 07:17:18PM -0700, Edward Morbius wrote:

> Several of our peer mail systems (outbound) seem to take a while responding
> to initial SMTP connections.
>
> Is there any particularly dread pitfall to watch out for in bumping these
> values up?  20s for connection, 40s for HELO is where we're at presently.

These values are well below Postfix built-in defaults.

       $ postconf -d | grep '^smtp_' | grep '_timeout ='
       smtp_connect_timeout = 30s
       smtp_data_done_timeout = 600s
       smtp_data_init_timeout = 120s
       smtp_data_xfer_timeout = 180s
       smtp_helo_timeout = 300s
       smtp_mail_timeout = 300s
       smtp_quit_timeout = 300s
       smtp_rcpt_timeout = 300s
       smtp_rset_timeout = 20s
       smtp_starttls_timeout = 300s
       smtp_tls_session_cache_timeout = 3600s
       smtp_xforward_timeout = 300s

You could probably raise your timelimits.

However, if your outbound server is regularly not keeping up with
the lower timeouts you quote, you really need to fix that.

--
       Viktor.



--
Dr. Ed Morbius
Chief Scientist / Philologist / Robot Wrangler / Powerplant Operator
Krell Power Systems Unlimited

Reply | Threaded
Open this post in threaded view
|

Re: smtp helo & connection timeouts -- increasing values

Dr. Ed Morbius
In reply to this post by Ralf Hildebrandt
Ralf: thanks for your response.

Our DNS queries seem fine.  I tested via telnet connections to the remote sites and confirmed that they were responding slowly to HELO.  Even after doing this (e.g.: cached DNS results) postfix was timing out with the old values.  At 20/40 for connect/helo, we were no longer having that issue, and based on Viktor's response, we're still well under postfix's default timeouts for both values.

On Mon, Oct 17, 2011 at 11:42 PM, Ralf Hildebrandt <[hidden email]> wrote:
* Edward Morbius <[hidden email]>:
> Several of our peer mail systems (outbound) seem to take a while responding
> to initial SMTP connections.

That happens if:

* your dns is slow (reverse lookups of the client IP)
* all your SMTPD processes are in use

> Is there any particularly dread pitfall to watch out for in bumping these
> values up?  20s for connection, 40s for HELO is where we're at presently.

Which values exactly?

--
Ralf Hildebrandt
 Geschäftsbereich IT | Abteilung Netzwerk
 Charité - Universitätsmedizin Berlin
 Campus Benjamin Franklin
 Hindenburgdamm 30 | D-12203 Berlin
 Tel. <a href="tel:%2B49%2030%20450%20570%20155" value="+4930450570155">+49 30 450 570 155 | Fax: <a href="tel:%2B49%2030%20450%20570%20962" value="+4930450570962">+49 30 450 570 962
 [hidden email] | http://www.charite.de




--
Dr. Ed Morbius
Chief Scientist / Philologist / Robot Wrangler / Powerplant Operator
Krell Power Systems Unlimited