Sendmail delay

A

alexm

Hello,

I have a question regarding sendmail.

I got a client who is trying to send e-mails to another, there is however a problem. The another part is behind a mailserver which greylists every first attempt to deliever a e-mail from my SMTP server. Then my SMTP server is supposed to retry sending it after a couple of minutes.

However it just tries several times for a couple of seconds. And then quits trying, but a couple of hours later - And the chance of delieverying have already expired. So I just get greylisted again.

Is this some sort of lack of configuration on my SMTP server. Or is it possible to configure some sort of relay-delay when greylisted? I was told that the default time should be 20 minutes to 4 hours resend time.

This is a piece of log from the recipient mailserver:

Code: 
Aug 18 03:25:09 mx1 spamd[314]: xxx.xxx.xxx.xxx: connected (12/11)
Aug 18 03:25:20 mx1 spamd[314]: (GREY) xxx.xxx.xxx.xxx: <sender@domain.com> -> <recipient@domain.com>
Aug 18 03:25:20 mx1 spamd[314]: xxx.xxx.xxx.xxx: disconnected after 11 seconds.
Aug 18 03:25:25 mx1 spamd[314]: xxx.xxx.xxx.xxx: connected (11/10)
Aug 18 03:25:36 mx1 spamd[314]: (GREY) xxx.xxx.xxx.xxx: <sender@domain.com> -> <recipient@domain.com>
Aug 18 03:25:36 mx1 spamd[314]: xxx.xxx.xxx.xxx: disconnected after 11 seconds.
Aug 18 08:26:59 mx1 spamd[314]: xxx.xxx.xxx.xxx: connected (6/3)
Aug 18 08:27:10 mx1 spamd[314]: (GREY) xxx.xxx.xxx.xxx: <sender@domain.com> -> <recipient@domain.com>
Aug 18 08:27:10 mx1 spamd[314]: xxx.xxx.xxx.xxx: disconnected after 11 seconds.


This is a piece of log from my SMTP server:
Code: 
Aug 18 03:27:18 smtp sendmail[30674]: n7H7n5EI053660: to=recipient@domain.com, delay=17:38:13, xdelay=00:00:23, mailer=esmtp, pri=2153006, 
relay=mx1.mailserver.com [xxx.xxx.xxx.xxx], dsn=4.0.0, stat=Deferred: 451 Temporary failure, please try again later.
Aug 18 03:27:18 smtp sendmail[30674]: n7H7n5EI053660: n7I11rSe030674: sender notify: Warning: could not send message for past 4 hours
Any help is greatly appreciated.

Kind regards,

Alex.
 
By default (/etc/defaults/rc.conf) sendmail will try to deliver queued email every 30 minutes:

Code: 
sendmail_outbound_enable="YES"	# Dequeue stuck mail (YES/NO).
sendmail_outbound_flags="-L sm-queue -q30m" # Flags to sendmail (outbound only)

This should show up in [cmd=]ps ax[/cmd] as follows

Code: 
 1212  ??  Is     0:00.26 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail)

If you don't have that (and I don't see why that would be), outgoing email will only be retried when another outgoing email gets processed.
 
I actually have two queue runners
Code: 
14700  ??  Ss     0:00.28 sendmail: Queue runner@00:15:00 for /var/spool/clientmqueue (sendmail)
14703  ??  Ss     0:00.80 sendmail: Queue runner@00:05:00 for /var/spool/clientmqueue (sendmail)
 
That's not how it's supposed to be. What is the output of [cmd=]grep sendmail /etc/rc.conf[/cmd] and of [cmd=]ps ax | grep sendmail[/cmd]? You should have one (and only one) queue runner for /var/spool/clientmqueue, so something like this:

Code: 
 6003  ??  Ss     0:00.00 sendmail: accepting connections (sendmail)
 6007  ??  Is     0:00.00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail)

Both your 5 and 15 minutes queue run intervals are non-standard. By default, one queue runner at a 30 min interval should be running.
 
My /etc/rc.conf:

Code: 
sendmail_enable="YES"
#sendmail_flags="-bd"
sendmail_flags="-bd -q5m -C/usr/local/inflex/inflex.cf"
sendmail_msp_queue_enable="YES"
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q15m"
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q5m"

Should I remove & Stop one of the queue runners?
 
You can drop this one:
Code: 
sendmail_msp_queue_enable="YES"
because that's a system default, and one of these
Code: 
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q15m"
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q5m"
or both, because the system default is
Code: 
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q30m"
Using one of your current lines will simply overrule the default, but use only one.

The 'sendmail_flags' line ought to have '-L sm-mta' before the rest, but that's only for logging.

Look in /etc/defaults/rc.conf for the defaults, and remember that /etc/rc.conf should only be used for overruling those defaults.

I have to assume that there's nothing weird in /usr/local/inflex/inflex.cf, because queue settings can be set in the Sendmail config as well.
 
My /etc/rc.conf now looks like this:

Code: 
sendmail_enable="YES"
sendmail_flags="-bd -q5m -C/usr/local/inflex/inflex.cf"
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q20m"

ps -ax | grep sendmail looks like this:

Code: 
14697  ??  Ss     2:04.95 sendmail: accepting connections (sendmail)
62805  ??  Is     0:00.01 sendmail: Queue runner@00:20:00 for /var/spool/clientmqueue (sendmail)

However, I still find these errors in my maillog:

Code: 
Sep 17 14:00:14 smtp sendmail[7930]: n8H64dJh030615: to=recipient@domain.com, delay=05:55:35, xdelay=00:00:00, mailer=esmtp, pri=123559, 
relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=4.7.1, stat=Deferred: 451 4.7.1 <sender@domain.com>: Sender address rejected: Greylisted for 5 
minutes (17)
Sep 17 14:00:14 smtp sendmail[7930]: n8H64dJh030615: n8HBxTgp007930: sender notify: Warning: could not send message for past 4 hours
Sep 17 14:00:15 smtp sendmail[7930]: n8HBxTgp007930: to=recipient@domain.com, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=34685, 
relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (Ok: queued as B513A38CBAE)
Sep 17 14:00:15 smtp sendmail[7930]: n8H648P2022436: to=recipient@domain.com, delay=05:56:07, xdelay=00:00:00, mailer=esmtp, pri=123559, 
relay=front-lvs.exserver.dk. [xxx.xxx.xxx.xxx], dsn=4.7.1, stat=Deferred: 451 4.7.1 <sender@domain.com>: Sender address rejected: Greylisted 
for 2 minutes (17)
Sep 17 14:00:15 smtp sendmail[7930]: n8H648P2022436: n8HBxTgq007930: sender notify: Warning: could not send message for past 4 hours
Sep 17 14:00:15 smtp sendmail[7930]: n8HBxTgq007930: to=recipient@domain.com, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=34685, 
relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (Ok: queued as 0286D38CB07)
Sep 17 14:00:15 smtp sendmail[7930]: n8H644I8022189: to=recipient@domain.com, delay=05:56:11, xdelay=00:00:00, mailer=esmtp, pri=123559, 
relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=4.7.1, stat=Deferred: 451 4.7.1 <sender@domain.com>: Sender address rejected: Greylisted for 2 
minutes (17)
Sep 17 14:00:15 smtp sendmail[7930]: n8H644I8022189: n8HBxTgr007930: sender notify: Warning: could not send message for past 4 hours
Sep 17 14:00:15 smtp sendmail[7930]: n8HBxTgr007930: to=recipient@domain.com, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=34685, 
relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (Ok: queued as 2799938CE05)
 
Do you see the same iteration of these message-ids every 5 minutes? Because that's how often the mqueue is being run. Unless there's something overruling your queueing in your .cf file (like MinQueueAge).

In fact, the only active (i.e. not commented) 'queue lines' in your .cf are typically these:

Code: 
O QueueDirectory=/var/spool/mqueue
O Timeout.queuereturn=5d
O Timeout.queuewarn=4h
 
I found this in my sendmail.cf:

Code: 
O QueueDirectory=/var/spool/mqueue
O Timeout.queuereturn=5d
O Timeout.queuewarn=4h

#O MinQueueAge=30m

Keep in mind my queuerunner is on a 20 minute timer now, and not 5.

This is my log for one of the message ID's.

Code: 
Sep 17 08:04:04 smtp sendmail[22189]: n8H644I8022189: from=sender@domain.com, size=3559, class=0, nrcpts=1, msgid=
<ASP3arBKMhVbsE8S4cR000042a2@asp.domain.com>, relay=root@localhost
Sep 17 08:04:04 smtp sendmail[22245]: n8H644I8022189: to=recipient@domain.com, ctladdr=mail@domain.com (0/0), delay=00:00:00, xdelay=00:00:00, 
mailer=esmtp, pri=33559, relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=4.7.1, stat=Deferred: 451 4.7.1 <sender@domain.com>: Sender address 
rejected: Greylisted for 5 minutes (17)
Sep 17 14:00:15 smtp sendmail[7930]: n8H644I8022189: to=recipient@domain.com, delay=05:56:11, xdelay=00:00:00, mailer=esmtp, pri=123559, 
relay=relay.domain.com. [xxx.xxx.xxx.xxx], dsn=4.7.1, stat=Deferred: 451 4.7.1 <sender@domain.com>: Sender address rejected: Greylisted for 2 
minutes (17)
Sep 17 14:00:15 smtp sendmail[7930]: n8H644I8022189: n8HBxTgr007930: sender notify: Warning: could not send message for past 4 hours
 
No, you're on 5:

Code: 
sendmail_flags="-bd [B]-q5m[/B] -C/usr/local/inflex/inflex.cf"

That's the queue interval for /var/spool/mqueue, which holds your outbound email.

The 20 minute interval is for your other queue runner (which handles var/spool/clientmqueue -- this one holds locally generated mail (e.g. system email, shell user email, sent through 127.0.0.1)

You could try running [cmd=]sendmail -q[/cmd], which processes queued mail immediately (or [cmd=]sendmail -v -q[/cmd] if you want to see more of that run).
 
I am aware of the sendmail -q, however it seems to have very little effect.

But as you say, it seems to be what it's supposed to. Do you think Inflex could have anything to do with this? Are there any changes I should do?

By the way, I really appreciated your help so far.
 
Yes, here you have it:

Code: 
divert(-1)
#
# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
#       All rights reserved.
# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
#
#  This is a generic configuration file for 4.4 BSD-based systems,
#  including 4.4-Lite, BSDi, NetBSD, and FreeBSD.
#  It has support for local and SMTP mail only.  If you want to
#  customize it, copy it to a name appropriate for your environment
#  and do the modifications there.
#

divert(0)dnl
VERSIONID(`$Id: generic-bsd4.4.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
FEATURE(`local_lmtp')dnl
dnl FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending server misconfiguration - see http://www.ordb.org/ "')dnl
FEATURE(`relay_hosts_only')dnl
dnl SMTP-authenticate som option til ip-authenticate
dnl Kraever at sendmail oversaettes med options. Lav devtools/Site/site.config.m4
dnl med indholdet:
dnl   APPENDDEF(`confENVDEF', `-DSASL=2 -DHASURANDOMDEV')
dnl   APPENDDEF(`conf_sendmail_LIBS', `-L/usr/local/lib -lcrypto -lsasl2')
dnl   APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl2')
dnl   APPENDDEF(`confINCDIRS', `-I/usr/local/include')
dnl ..og compiler derefter!
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 EXTERNAL CRAM-MD5')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 EXTERNAL CRAM-MD5')dnl
define(`confRELAY_MSG', `"550 Relaying denied. See http://www.mira.dk/support/relaying.html"')dnl
define(`LOCAL_MAILER_FLAGS', LOCAL_MAILER_FLAGS`'P)dnl
define(`confPRIVACY_FLAGS',`noexpn')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')dnl
define(`confMAX_MIME_HEADER_LENGTH', `256/128')
MAILER(local)dnl
MAILER(smtp)dnl
 
Other than that it is quite ancient (you may consider updating it to/with a more recent version of freebsd.mc) I can see nothing obviously wrong with it.

You may take a look at [cmd=]mailq[/cmd] from time to time (every few minutes for about an hour) to see if there's stuck email in the queue (other than what is already delayed).

If you always see message-ids tagged with an asterisk (in progress) all of the time, your queue interval (the -q5m) may have to be increased a little, to prevent subsequent queue runs from tumbling over each other, causing perpetual locking issues.

You can also spot these by running [cmd=]ps ax | grep sendmail[/cmd]. If there are constantly lines indicating that mail delivery is being attempted, like these:

Code: 
30512  ??  Ss     0:00.01 sendmail: ./n8IDvo2Q029820

then this may also be an indication that queue runs are too close together.

For the record: the message-id in that sendmail process line (n8IDvo2Q029820 in this case) will also show up with an asterisk in [cmd=]mailq[/cmd], but with a qf/df in front of it (forget which, probably qf).
 
You must log in or register to reply here.
Back
Top