Pre-queue content-filter connection overload
Posted by Richard on 2007/08/24
Ever since updating my gateway to Fedora 7, I’ve been getting messages like this in my daily Logwatch:
84 *Warning: Pre-queue content-filter connection overload
Worrying that I might be losing mail, I looked at the logwatch script for postfix in /usr/share/logwatch/scripts/services/postfix, and discovered that this message refers to lost connections from clients whose IP addresses are unknown – in other words, entries in the postfix log that look like this:
Aug 24 19:44:17 gateway postfix/smtpd[29089]: lost connection after CONNECT from unknown[unknown]
This happens when postfix doesn’t know the IP address of the client, probably because the client is “disconnecting” before the connection to postfix is properly established.
Chris said
In main.cf you have a section called smtpd_client_restrictions the setting in there called reject_unknown_client causes clients without reverse DNS to be rejected. This is likely to be the cause of what your seeing. If so, I’d call it a bug in logwatch
Hope that helps!
richardfearn said
Chris –
postconf smtpd_client_restrictionsshows that setting is empty, i.e. there aren’t any restrictions.It’s nothing to do with reverse DNS – there isn’t any IP address to do a RDNS lookup!
Chris said
Good point
In that case the kernal has done away with the connection from the queue before smtpd handled the connection. (i.e. It lost the connection before handing the connection from the queue to smtpd for the welcome banner Etc).
in master.cf if you have some spare memory turn up the number of smtpd processes allowed and also think about changing smtpd_timeout to something lower than the 5m default. Many suggest 45s, I run mine at 10s without issue on a fat pipe.
MrC said
I’ve since changed the diagnostic in postfix-logwatch. See:
http://www.mikecappella.com/logwatch/faq.html#connectionoverload
MrC