stale sessions

Büttner, Timo Timo.Buettner at ekom21.de
Fri May 27 14:35:51 CEST 2011


Hello all,



a few days ago we migrated our old Amavis Servers to new ones. I was monitoring the logs if everything works fine.

The new servers are almost the same, just a new operating system (old: SLES10SP2(physical machine) new:SLES11SP1(virtual machine)) with new packages (old: amavisd-new-2.3.3-17.2 new: amavisd-new-2.6.4-28.1).

amavisd.conf was simply copied to the new server.

Everything went fine but I found this "error" in the logs which weren't there at the old one.

May 27 12:55:21 Servername amavis[15793]: (15793-19) smtp session rundown stale sessions, idle 271.3 s, smtp:[IPADDRESS]:10025, state ehlo.

Port 10025 is the port we're sending back scanned mails to postfix.

Idle times for a stale session are also quite random ranging from ~20s to >3000s.



I looked if mails weren't transmitted correctly but it seems that's no problem:

May 27 13:03:06 Servername amavis[17700]: (17700-02) smtp session rundown, sending QUIT

May 27 13:03:06 Servername amavis[17700]: (17700-02) smtp session rundown, closing session smtp:[IPADDRESS]:10025

Then I looked if TCP connections were handled correctly, but that's also fine.

If a connection is closed by the application it's also closed by the OS...(at least as far as I could see(netstat))



I googled it but I haven't found anything useful for this problem(if it even is one).



Now I would like to ask you about your opinion, could this be a problem? Or is it something I won't have to worry about?



Kind regards

Timo Buettner





Our amavisd.conf:

use strict;

$max_servers = 25;            # number of pre-forked children (2..15 is common)

$daemon_user = 'vscan';

$daemon_group = 'vscan';

$mydomain = 'ekom21.de';   # a convenient default for other settings

$MYHOME = '/var/spool/amavis';

$TEMPBASE = "$MYHOME/tmp";   # working directory, needs to be created manually

$ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR

$QUARANTINEDIR = undef;

@local_domains_maps = (read_hash( "/var/spool/amavis/dom2.txt" )); @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10

                  {several IP-Addresses}

                           );

@inet_acl = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10

                  {several IP-Addresses}

                            );



$log_level = 5;              # verbosity 0..5

$log_recip_templ = undef;    # disable by-recipient level-0 log entries

$DO_SYSLOG = 1;              # log via syslogd (preferred)

$SYSLOG_LEVEL = 'mail.debug';

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)

$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = [10024,20024,30024];   # listen on this local TCP port(s) (see $protocol)

$inet_socket_bind = '*';

$log_level = 3;              # verbosity 0..5

$log_recip_templ = undef;    # disable by-recipient level-0 log entries

$DO_SYSLOG = 1;              # log via syslogd (preferred)

$SYSLOG_LEVEL = 'mail.debug';

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)

$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$unix_socketname = "$MYHOME/amavisd.sock";  # when using sendmail milter $sa_tag_level_deflt  = -20.0;  # add spam info headers if at, or above that level $sa_tag2_level_deflt = 6.31; # angepasst von 5.0 $sa_kill_level_deflt = 6.31; # war 6.31 triggers spam evasive actions - nicht anfassen $sa_dsn_cutoff_level = 9.0; # war 9.0 spam level beyond which a DSN is not sent $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger

$sa_local_tests_only = 0;    # only tests which do not require internet access?

$sa_auto_whitelist = 1;      # turn on AWL in SA 2.63 or older (irrelevant

                             # for SA 3.0, cf option is 'use_auto_whitelist')

$mailfrom_notify_admin     = "virusalert\@$mydomain";  # notifications sender

$mailfrom_notify_recip     = "virusalert\@$mydomain";  # notifications sender

$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

@addr_extension_virus_maps      = ('virus');

@addr_extension_spam_maps       = ('spam');

@addr_extension_banned_maps     = ('banned');

@addr_extension_bad_header_maps = ('badh'); $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';

$MAXLEVELS = 14;

$MAXFILES = 1500;

$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)

$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced) $sa_spam_subject_tag = 'xxxSPAMxxx'; $defang_virus  = 1;  # MIME-wrap passed infected mail $defang_banned = 1;  # MIME-wrap passed mail containing banned name $myhostname = 'assmtp01.intern.ekom21.de'; $notify_method = 'smtp:*:10025';  # set to undef with milter!

$forward_method = 'smtp:*:10025';  # set to undef with milter!

$final_virus_destiny    = D_REJECT;

$final_banned_destiny   = D_REJECT;

$final_spam_destiny     = D_REJECT;

$interface_policy{'20024'} = 'VSCAN';

$interface_policy{'30024'} = 'TAGGING';

$policy_bank{'VSCAN'} = {  # mail originating from @mynetworks

  bypass_spam_checks_maps => [1],  # or: don't spam-check internal mail }; $policy_bank{'TAGGING'} = {  # mail originating from @mynetworks

  spam_kill_level_maps => [9999],

};

@viruses_that_fake_sender_maps = (new_RE(

  [qr/^/ => 1],  # true for everything else )); @keep_decoded_original_maps = (new_RE(

  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables

  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,

));

$banned_filename_re = new_RE(

  # block certain double extensions anywhere in the base name

  qr'^application/x-msdownload$'i,                  # block these MIME types

  qr'^application/x-msdos-program$'i,

  qr'^application/hta$'i,

  [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any in Unix-type archives

  [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within such archives

  qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic

  qr'^\.(exe-ms)$',                       # banned file(1) types

);


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20110527/91181401/attachment.html>


More information about the amavis-users mailing list