Mail bounced by Postfix

Until a few weeks ago my mail server (Postfix running on Fedora Core 5) was having difficulty keeping up with spam. I was finding lots of bounce errors in the mail log, like this one:

Sep 23 12:32:15 fc5test postfix/local[9084]: 875EEF46F3: to=<rich@test.rdf>, orig_to=<abc110@test.rdf>, relay=local, delay=1011, status=bounced (Command time limit exceeded: "IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #rich")

I use the setup suggested on the UsedViaProcmail page on the SpamAssassin wiki. Postfix delivers all mail for the domain, regardless of the address, to the same local user account. The .forward file for that account makes Postfix invoke procmail, which filters the message through SpamAssassin, and then delivers it to the appropriate mail folder.

Although SpamAssassin is the biggest bottleneck in the mail pipeline, it was actually Postfix that was causing the problem.

The spamassassin.lock lockfile in .procmailrc means that only one message can be checked at a time. On my system, SpamAssassin starts up with the option -m5, which means that it is allowed at most 5 children. Removing the lockfile improves things a little, allowing 5 messages to be checked simultaneously instead of just 1.

However, Postfix was trying to deliver up to 100 messages concurrently, as defined by the default_process_limit parameter. With only 1 mail being checked for spam at a time (or 5 at a time, with the lockfile removed), many of the local processes created by Postfix to deliver mail were timing out.

I opted to change the maxproc setting for the local service in /etc/postfix/master.cf to 10. I haven’t had any bounced messages since.

Advertisements
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s