stale sessions
Büttner, Timo
Timo.Buettner at ekom21.de
Fri May 27 14:35:51 CEST 2011
Hello all,
a few days ago we migrated our old Amavis Servers to new ones. I was monitoring the logs if everything works fine.
The new servers are almost the same, just a new operating system (old: SLES10SP2(physical machine) new:SLES11SP1(virtual machine)) with new packages (old: amavisd-new-2.3.3-17.2 new: amavisd-new-2.6.4-28.1).
amavisd.conf was simply copied to the new server.
Everything went fine but I found this "error" in the logs which weren't there at the old one.
May 27 12:55:21 Servername amavis[15793]: (15793-19) smtp session rundown stale sessions, idle 271.3 s, smtp:[IPADDRESS]:10025, state ehlo.
Port 10025 is the port we're sending back scanned mails to postfix.
Idle times for a stale session are also quite random ranging from ~20s to >3000s.
I looked if mails weren't transmitted correctly but it seems that's no problem:
May 27 13:03:06 Servername amavis[17700]: (17700-02) smtp session rundown, sending QUIT
May 27 13:03:06 Servername amavis[17700]: (17700-02) smtp session rundown, closing session smtp:[IPADDRESS]:10025
Then I looked if TCP connections were handled correctly, but that's also fine.
If a connection is closed by the application it's also closed by the OS...(at least as far as I could see(netstat))
I googled it but I haven't found anything useful for this problem(if it even is one).
Now I would like to ask you about your opinion, could this be a problem? Or is it something I won't have to worry about?
Kind regards
Timo Buettner
Our amavisd.conf:
use strict;
$max_servers = 25; # number of pre-forked children (2..15 is common)
$daemon_user = 'vscan';
$daemon_group = 'vscan';
$mydomain = 'ekom21.de'; # a convenient default for other settings
$MYHOME = '/var/spool/amavis';
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = undef;
@local_domains_maps = (read_hash( "/var/spool/amavis/dom2.txt" )); @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
{several IP-Addresses}
);
@inet_acl = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
{several IP-Addresses}
);
$log_level = 5; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = [10024,20024,30024]; # listen on this local TCP port(s) (see $protocol)
$inet_socket_bind = '*';
$log_level = 3; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$unix_socketname = "$MYHOME/amavisd.sock"; # when using sendmail milter $sa_tag_level_deflt = -20.0; # add spam info headers if at, or above that level $sa_tag2_level_deflt = 6.31; # angepasst von 5.0 $sa_kill_level_deflt = 6.31; # war 6.31 triggers spam evasive actions - nicht anfassen $sa_dsn_cutoff_level = 9.0; # war 9.0 spam level beyond which a DSN is not sent $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant
# for SA 3.0, cf option is 'use_auto_whitelist')
$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
@addr_extension_virus_maps = ('virus');
@addr_extension_spam_maps = ('spam');
@addr_extension_banned_maps = ('banned');
@addr_extension_bad_header_maps = ('badh'); $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) $sa_spam_subject_tag = 'xxxSPAMxxx'; $defang_virus = 1; # MIME-wrap passed infected mail $defang_banned = 1; # MIME-wrap passed mail containing banned name $myhostname = 'assmtp01.intern.ekom21.de'; $notify_method = 'smtp:*:10025'; # set to undef with milter!
$forward_method = 'smtp:*:10025'; # set to undef with milter!
$final_virus_destiny = D_REJECT;
$final_banned_destiny = D_REJECT;
$final_spam_destiny = D_REJECT;
$interface_policy{'20024'} = 'VSCAN';
$interface_policy{'30024'} = 'TAGGING';
$policy_bank{'VSCAN'} = { # mail originating from @mynetworks
bypass_spam_checks_maps => [1], # or: don't spam-check internal mail }; $policy_bank{'TAGGING'} = { # mail originating from @mynetworks
spam_kill_level_maps => [9999],
};
@viruses_that_fake_sender_maps = (new_RE(
[qr/^/ => 1], # true for everything else )); @keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
# block certain double extensions anywhere in the base name
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
[ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20110527/91181401/attachment.html>
More information about the amavis-users
mailing list