Submitted by nikkio on Fri, 12/06/2013 - 06:35
Hi, I've just enabled the Mail rate limit on my virtualmin server and it seems works fine but, digging in mail.log, I noticed many of those errors:
Dec 6 13:19:33 sv01 milter-greylist: smfi_getsymval failed for {if_addr} Dec 6 13:19:48 sv01 milter-greylist: smfi_getsymval failed for {i}
Postfix version 2.9.6 Debian 7
I've enabled spamassassin, clamav and postgrey
sincerely
Nicola
Status:
Active
Comments
Submitted by JamieCameron on Fri, 12/06/2013 - 11:18 Comment #1
I think those are harmless. Is rate limiting working properly for you?
Submitted by Locutus on Sat, 12/07/2013 - 04:40 Comment #2
I'm just testing the new rate limiting features too, and it seems they are ineffective in my case. (OS: Ubuntu 12.04 x64)
I had Virtualmin download and install the package and turn on the milter. I configured a global limit of "1 mail per minute" for the system.
Config files of milter and Postfix look okay:
(That's only the non-comment lines)
Those lines were added to Postfix' main.cf:
I'm now sending email from a local account on the test server to the outside, and I can send emails on and on, they are delivered immediately. Could it have to do with the fact that the server is using IPv6? Excerpt from /var/log/mail.log for two consecutive deliveries:
Submitted by andreychek on Sat, 12/07/2013 - 10:05 Comment #3
Can you guys post your milter-greylist config file, which is located in
/etc/milter-greylist/greylist.conf
? Thanks!Submitted by Locutus on Sat, 12/07/2013 - 10:31 Comment #4
I already did, check the first "code" block in my previous post. :)
Submitted by JamieCameron on Sat, 12/07/2013 - 11:55 Comment #5
I think the issue may be the line :
DecĀ 7 11:19:36 lyra milter-greylist: User sourceuser@test.tiahost.de authenticated, bypassing greylisting
Try editing
greylist.conf
and adding the linenoauth
, and see if that makes any difference.Submitted by Locutus on Mon, 12/09/2013 - 10:47 Comment #6
I'll try the "noauth" thing in a minute! Here's another issue:
While checking the mail logs on the test server, to prepare for the "noauth" test, I found blocks of these messages, once per minute. They started when I created a testing virtual server yesterday and Webmin tried to send the confirmation mail to the local recipient.
Maybe a limit of "1 mail per minute" is too few? :) Or maybe Webmin/Postfix is retrying too quickly, so that the milter "overflow" cannot decrease? Also note the error message "cannot reject recipient in non-smtpd submission".
Submitted by Locutus on Mon, 12/09/2013 - 10:42 Comment #7
About the original issue:
Adding "noauth" to the milter config file helped!
I did that, and configured the milter to allow 2 mails per minute. I could send 2 mails, and the third was rejected with "551 5.7.1 Message quota exceeded".
Submitted by JamieCameron on Mon, 12/09/2013 - 16:43 Comment #8
Ok .. so is it all working as expected now?
Submitted by Locutus on Tue, 12/10/2013 - 04:41 Comment #9
Limiting works as expected now in my test, yes.
You might want to check the error message though that I noted in my second-to-last post.
Submitted by nikkio on Tue, 12/10/2013 - 06:00 Comment #10
sorry for the delay...
it work also for me, adding noauth at the end of the greylist.conf
but the errors remains
thanks!
Submitted by JamieCameron on Tue, 12/10/2013 - 12:59 Comment #11
@Locutus - are you sending email using an SMTP connection, or via the
mail
orsendmail
commands?Submitted by Locutus on Tue, 12/10/2013 - 13:32 Comment #12
@Jamie: You don't really fully read my posts, do you? ;) Lemme repeat:
"While checking the mail logs on the test server, to prepare for the "noauth" test, I found blocks of these messages, once per minute. They started when I created a testing virtual server yesterday and Webmin tried to send the confirmation mail to the local recipient."
Submitted by JamieCameron on Tue, 12/10/2013 - 13:57 Comment #13
Oops, I missed the part about them being sent by Webmin.
So what this means is that Webmin is sending emails via the
sendmail
command, but under Postfix a milter doesn't have the ability to reject a message sent that way (vs via SMTP). Instead, Postfix just defers it for later delivery.A limit of 1 message per limit is too low, as this mean that if a single other email comes it to any user in the minute prior to creating a domain, then the email from Virtualmin will be deferred. I'd recommend a limit of at least 10 per minute.
Submitted by Locutus on Tue, 12/10/2013 - 14:43 Comment #14
Alrighty! The "1 mail per minute" of course was only for testing purposes, to see if the rate limiting works at all.
Submitted by BerkWood on Mon, 02/17/2014 - 19:32 Comment #15
I get both of these in the logs: milter-greylist: smfi_getsymval failed for {i} milter-greylist: smfi_getsymval failed for {if_addr}
I have the noauth at the end of the config. I know the milter works for the localhost, but I don't know if it works for other clients. I've noticed the greylist.db is not created in the directory specified by the conf file... It's a production server, so I am leery of dropping it down to 1 per min for testing. Is there another way to check?
Submitted by Locutus on Tue, 02/18/2014 - 02:58 Comment #16
Those two messages should be harmless. The greylist db is probably not created because the milter is not used for greylisting, only for rate limiting. Either that, or the file is only updated when the milter is stopped.
To test it, you could create a low limit for a specific test domain and send mails from that, while leaving the global limit high.
Submitted by BerkWood on Thu, 02/20/2014 - 18:07 Comment #17
They may be harmless, but there are thousands of entries everyday which increases the logfile size dramatically. I'll try a test account
Submitted by BerkWood on Sun, 02/23/2014 - 22:29 Comment #18
So I uninstalled and reinstalled and it still isn't working with a test subdomain... Still getting the same errors