[CentOS] Huge mailq

Christopher Chan christopher at ias.com.hk
Wed Feb 27 12:09:43 UTC 2008 

Benjamin Smith wrote:
> On Monday 25 February 2008, Christopher Chan wrote:
>> Hmm...it will still build. To really fix it, you need to do one more step:
>>
>> rpm -e --nodeps sendmail
>>
>> Now that is a permanent solution.
> 
> Like a hand grenade is a "solution". Not likely to help him much, tho. =/ 
> Doesn't even begin to address his situation since sendmail wasn't the problem 
> to begin with. 

Whooosh! Did you see that flying over your head?

> 
> Seems to me that it's a bad idea to use NFS as a mail store. For example, the 
> RedHat documentation specifically recommends strongly *against* it. Very 
> flatly: 

/me shrugs. Pick your poison. Besides, Redhat is not the absolute 
authority on how to run a mail system.

> 
>> Never put the mail spool directory, /var/spool/mail/, on an NFS shared
>> volume. 
> 
> http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/s1-server-mail.html
> 
> Also, NFS has various locking problems which prevent its use in a proper mail 
> cluster. Read up on sendmail's mbox vs qmail's maildir for more details. Not 
> suggesting that you switch to qmail, with it's "recompile the whole !@#! 
> thing every time you change a config option" mentality, but it's useful 
> information nonetheless, especially when you get into having multiple mail 
> receipt hosts. 

procmail, postfix local, maildrop all support maildir. qmail is not even 
necessary. Or is this your excuse to do a bit of qmail bashing?

> 
> The additional complexity of NFS is what seems to have caused this gentleman's 
> problem - not only did sendmail itself have to work properly, so did NFS, 
> DNS, and the spam filter.  

Yawn. postfix + mysql + courier-authlib + cyrus-sasl + vpopmail + 
spamassassin + clamav + maildrop.

> 
> How to avoid it? Either: 
> 
> 1) Reduce complexity. (get rid of the need for DNS, NFS, etc. or 

What is your proposal for getting rid of DNS? I, for one, would like to 
see how you intend to make email work without dns.

> 
> 2) "Beef up" the various pieces so they don't fail - make sure you are using 
> high quality servers and equipment, or 
> 
> 3) Increase redundancy, so that no single point of failure exists. 
> 
> Why is he depending on a single DNS server? Why is he using NFS, with it's 
> implicit single-point-of-failure rather than GlusterFS, which provides 
> multiple-primary-host redundancy and automatic failover?  
> http://www.gluster.org/
> 

I do not know the answer to that one hotshot. Maybe you can ask the OP 
nicely?

Christopher

More information about the CentOS mailing list