Sendmail not responding (or very slow) on port 25

Hello!
I have a problem with a Debian Etch sendmail mail server.
-> Debian Etch, no hacks, Sendmail 8.13.8/8.13.8/Debian-3
Sendmail stops responding (or responds very slowly) on port 25 when there are many connections.
(Problems occur when there are around 300-400 simultaneous connections on port 25.)
There is no error in the mail logs; it's not a throttling or load problem, and there is no max_children limit.
Checked all sendmail settings. Sendmail is still responding with the other daemon on port 587 (and fast!).
Checked ulimit and port settings on the Linux box (kernel 2.6.21.5); enough free space on HDD.

Maybe another limit?
Maybe I missed something!
I hate all these spammers causing the problems! (> 90% of all emails are spam or being rejected!)

Regards


TOP
top - 10:57:32 up 19 days, 20:07,  5 users,  load average: 1.03, 1.11, 1.07
Tasks: 334 total,   2 running, 332 sleeping,   0 stopped,   0 zombie
Cpu(s): 10.3%us,  3.5%sy,  0.0%ni, 84.5%id,  1.6%wa,  0.0%hi,  0.1%si,  0.0%st
Mem:   4138868k total,  3901576k used,   237292k free,   326888k buffers
Swap:  7815612k total,    10000k used,  7805612k free,  1018016k cached

Daemon is running:
#> ps xa | grep -i sendmail | grep -i accepting
19965 ?        Ss     4:05 sendmail: MTA: accepting connections

tcpdump
# tcpdump -l -vvv host XXX.XXX.XXX.XXX | grep smtp
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
10:41:36.835886 IP (tos 0x0, ttl 117, id 17491, offset 0, flags [DF], proto: TCP (6), length: 52) xxx.dip0.t-ipconnect.de.49717 > mail.xxx.de.smtp: S, cksum 0x5aed (correct), 3948918536:3948918536(0) win 8192 <mss 1452,nop,wscale 8,nop,nop,sackOK>
10:41:39.822804 IP (tos 0x0, ttl 117, id 17537, offset 0, flags [DF], proto: TCP (6), length: 52) xxx.dip0.t-ipconnect.de.49717 > mail.xxx.de.smtp: S, cksum 0x5aed (correct), 3948918536:3948918536(0) win 8192 <mss 1452,nop,wscale 8,nop,nop,sackOK>
10:41:45.822114 IP (tos 0x0, ttl 117, id 17618, offset 0, flags [DF], proto: TCP (6), length: 48) xxx.dip0.t-ipconnect.de.49717 > mail.xxx.de.smtp: S, cksum 0x6efc (correct), 3948918536:3948918536(0) win 8192 <mss 1452,nop,nop,sackOK>
10:43:04.487048 IP (tos 0x0, ttl 117, id 17899, offset 0, flags [DF], proto: TCP (6), length: 52) xxx.dip0.t-ipconnect.de.49726 > mail.xxx.de.smtp: S, cksum 0x5540 (correct), 2262638895:2262638895(0) win 8192 <mss 1452,nop,wscale 8,nop,nop,sackOK>
10:43:07.478628 IP (tos 0x0, ttl 117, id 17901, offset 0, flags [DF], proto: TCP (6), length: 52) xxx.dip0.t-ipconnect.de.49726 > mail.xxx.de.smtp: S, cksum 0x5540 (correct), 2262638895:2262638895(0) win 8192 <mss 1452,nop,wscale 8,nop,nop,sackOK>
10:43:13.478982 IP (tos 0x0, ttl 117, id 17903, offset 0, flags [DF], proto: TCP (6), length: 48) xxx.dip0.t-ipconnect.de.49726 > mail.xxx.de.smtp: S, cksum 0x694f (correct), 2262638895:2262638895(0) win 8192 <mss 1452,nop,nop,sackOK>
10:48:22.249290 IP (tos 0x0, ttl 117, id 19283, offset 0, flags [DF], proto: TCP (6), length: 52) xxx.dip0.t-ipconnect.de.49807 > mail.xxx.de.smtp: S, cksum 0x9672 (correct), 2060381114:2060381114(0) win 8192 <mss 1452,nop,wscale 8,nop,nop,sackOK>
10:48:25.246997 IP (tos 0x0, ttl 117, id 19285, offset 0, flags [DF], proto: TCP (6), length: 52) xxx.dip0.t-ipconnect.de.49807 > mail.xxx.de.smtp: S, cksum 0x9672 (correct), 2060381114:2060381114(0) win 8192 <mss 1452,nop,wscale 8,nop,nop,sackOK>
10:
Asked by: xFester
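In the capture above the same SYN (same source port and sequence number) arrives three times, about 3 and then 6 seconds apart, which is the client retransmitting because no SYN-ACK came back. The following Python sketch is an added example, not part of the original post: it flags such unanswered handshakes in tcpdump text output of this format, and the sample capture and hostnames in it are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the same tcpdump -vvv text format as the capture above;
# hostnames, ports and checksums are made up for this example.
HDR = "IP (tos 0x0, ttl 117, id 1, offset 0, flags [DF], proto: TCP (6), length: 52)"
OPT = "win 8192 <mss 1452,nop,nop,sackOK>"
SAMPLE = "\n".join([
    f"10:41:36.835886 {HDR} client-a.example.49717 > mail.example.smtp: S, cksum 0x5aed (correct), 3948918536:3948918536(0) {OPT}",
    f"10:41:39.822804 {HDR} client-a.example.49717 > mail.example.smtp: S, cksum 0x5aed (correct), 3948918536:3948918536(0) {OPT}",
    f"10:41:40.100000 {HDR} client-b.example.50000 > mail.example.submission: S, cksum 0x1111 (correct), 100:100(0) {OPT}",
    f"10:41:40.100200 {HDR} mail.example.submission > client-b.example.50000: S, cksum 0x2222 (correct), 200:200(0) ack 101 {OPT}",
    f"10:41:45.822114 {HDR} client-a.example.49717 > mail.example.smtp: S, cksum 0x6efc (correct), 3948918536:3948918536(0) {OPT}",
])

LINE = re.compile(r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP \(.*?\) "
                  r"(?P<src>\S+) > (?P<dst>\S+): (?P<flags>[SFPRWE.]+), (?P<rest>.*)$")
SEQ = re.compile(r"(\d+):\d+\(\d+\)")

def unanswered_syns(capture, min_attempts=2):
    """Return handshakes whose SYN was seen min_attempts+ times with no SYN-ACK."""
    syns = defaultdict(list)  # (client, server, seq) -> timestamps of each SYN
    answered = set()          # (client, server) endpoint pairs that got a SYN-ACK
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m or "S" not in m["flags"]:
            continue
        if " ack " in m["rest"]:          # SYN-ACK travels server -> client
            answered.add((m["dst"], m["src"]))
            continue
        seq = SEQ.search(m["rest"])
        if seq:
            ts = datetime.strptime(m["ts"], "%H:%M:%S.%f")
            syns[(m["src"], m["dst"], seq[1])].append(ts)
    report = []
    for (src, dst, _), stamps in syns.items():
        if (src, dst) in answered or len(stamps) < min_attempts:
            continue
        gaps = [round((b - a).total_seconds()) for a, b in zip(stamps, stamps[1:])]
        report.append({"client": src, "server": dst,
                       "attempts": len(stamps), "gaps_s": gaps})
    return report

if __name__ == "__main__":
    for row in unanswered_syns(SAMPLE):
        print(row)
```

To see replies at all, the capture must include traffic in both directions, so filter on the host and port rather than grepping for one direction.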
 
xFester (Author) commented:
Hello!
Meanwhile I found a solution.
Now I do DNS-based load balancing on the server:
The incoming connections on port 25 are split across 5 different IP addresses on the one server.
Everything is working fine now. For every IP I have a sendmail daemon listening.
Up to now, this is my solution.
Regards
 
xFester (Author) commented:
More information:

- Port 25 and 587 are handled by the same daemon process
- "strace -p DAEMON_PID -t -e trace=network" shows an incoming connection from a test IP on port 587 but not on port 25

So I think it is not a sendmail problem, but a connection problem.
A limit on concurrent connections to a single incoming port? Never had such a problem.
The server has > 300 (problems begin) concurrent connections on port 25 and a total of > 1000 TCP connections.
 
xFester (Author) commented:
Same problem with connection from same machine with: telnet localhost 25...
 
PsiCop commented:
Actually, the TCP/25 and TCP/587 daemons are probably completely separate processes. TCP/25 is the MTA, TCP/587 is the MSA.

If you don't have any connection limits configured in sendmail, then yeah, someone could be running your host out of resources. Each connection takes up a finite amount of RAM and CPU. Perhaps you should turn on some connection rate limits.

Check out my profile for some links to technical papers on this sort of thing. In particular, read "Practical Modern sendmail Configuration".
 
xFester (Author) commented:
Thank you!
I checked your papers. Everything there is known and was checked on the server.

Meanwhile I have a second thread with this problem:
http://www.experts-exchange.com/Networking/Linux_Networking/Q_23123242.html

If there is a connection limit there would be an entry in the log file.
We played with the throttling params yesterday and we did see these warnings.

...