[CentOS] Re: Postfix smtp freezing
Jason Ross
jross at medvoice.com
Mon Aug 13 16:25:28 UTC 2007
Ken,
You are correct, resolve.conf does list my isp's dns 250.171.3.65 which
is qwest. The internal windows workstations also point o the isp's dns
server.
Can I setup a cashing dns server on the mail server itself??
PS: I just wanted to say thanks to everyone who has helped me so far.
-jr
Ken Price wrote:
> Jason,
>
> This has nothing to do with AUTHORITATIVE dns. I'm speculating this
> is a problem with your choice of RECURSIVE (caching) name servers.
> Realize, however, that without being on the box and looking at your
> configuration, all I can do is speculate.
>
>> Mail .medvoice.com actually resolves to the mail server inside
>> through port forwarding.
>
> Very typical.
>
>> It's not really named that just everything going to the mail ports
>> ends up there.
>
> Understood. Again, very typical.
>
>> Would DNS still be an issue for sending internal mail.
>
> Maybe, maybe not. It depends on your internal network setup and where
> your server and workstations sit respective to each other. What's in
> your server's /etc/resolv.conf file? On your windows workstation,
> from the command prompt: ipconfig /all ... what "DNS Servers" are
> listed here?
>
>> I ran top during one of these unresponsive email spats and noticed
>> that there are no smtp processes listed.
>
> That just means there's no Postfix process in the busiest 20 or so
> processes. Use the command "ps -aux" for a more complete process
> view. That also means it's very unlikely your server is overloaded or
> reaching process limits.
>
> When someone initially connects to your mail server, typically the
> first thing your mail server does is a reverse IP lookup on the person
> connecting. Then, depending on your setup, it could also query a
> number of RBL sources (Real Time Black Hole Lists) to see if the
> sender is a known spammer. The more stuff that is done on that
> initial connection, the more DNS lookups your server has to make and
> the longer it takes to return the "OK" 220 prompt. That's why I'm
> speculating this is a DNS issue. If my hunch is correct, your
> /etc/resolv.conf will point to your ISP's recursive (caching) name
> servers. Rarely do they perform well since they're shared amongst
> hundreds/thousands/millions of users. For performance reasons,
> you're better off running at least one caching name server of your own
> inside your network - even on the server in question. While this is
> only speculation on your problem, these methods also lean towards
> "Best Practices" and are simple to implement.
>
> -Ken
>
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
More information about the CentOS
mailing list