This weekend, I ran opendkim-2.3.2 for three days on our production
e-mail server. This version was built with poll() for Solaris 10 and
arlib. It seemed quite well-behaved. There was no sign of either a
thread leak or a memory leak. The thread count followed the count of
other sendmail filters quite closely. Most of the time it ran around
20, but occasionally peaked at around 200. It never got close,
however, to the 600-thread limit that's sometimes reached on weekdays.
I'll be doing another test at busier times later. Memory use varied
with the number of threads, but for the same number it increased
initially but levelled off after about a day.
I did notice a couple of peculiarities in error messages. The oddest
one was this one:
Apr 22 12:16:48 electra sm-mta[25602]: [ID 801593 mail.info] p3MHGmT6025602: from=<www.fido.ca_rsolx013_at_rogers.com>, size=19180, class=0, nrcpts=1, msgid=<-1867699601.1303491345767.JavaMail.wlfidoca_at_alxap029>, proto=ESMTP, daemon=MTA, relay=www3.rogers.com [207.245.252.18]
Apr 22 12:16:48 electra opendkim[7846]: [ID 861613 mail.info] p3MHGmT6025602: can't parse From: header value ' fido <www.fido.ca>'
Apr 22 12:16:48 electra sm-mta[25602]: [ID 801593 mail.info] p3MHGmT6025602: Milter add: header: X-DCC-UofM-Metrics: electra 1033; Body=1 Fuz1=1 Fuz2=1
Apr 22 12:16:48 electra sm-mta[25637]: [ID 801593 mail.info] p3MHGmT6025602: to=<xxx_yyyy_at_umanitoba.ca>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=49450, relay=localhost, dsn=2.0.0, stat=Sent
I don't know what the `From:' header value was, but it may not have
been the same as the envelope sender above.
I also saw quite a few errors indicating that DNS queries timed out.
Here are a couple of examples:
Apr 22 19:57:42 electra opendkim[7846]: [ID 467235 mail.error] p3N0vFvh004842: key retrieval failed (s=201006181024, d=facebookmail.com): '201006181024._domainkey.facebookmail.com' query timed out
Apr 23 20:56:18 electra opendkim[7846]: [ID 467235 mail.error] p3O1uDZl024176: key retrieval failed (s=beta, d=google.com): 'beta._domainkey.google.com' query timed out
The curious thing was that when I did the query almost immediately
against the same DNS server, it always found the TXT record:
$ host -t txt 201006181024._domainkey.facebookmail.com.
201006181024._domainkey.facebookmail.com descriptive text "k=rsa\; t=s\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDI8PNSRYnyzf3vCVVDUyFHL9QFYtzHNXcDQr8XUL1k3gu1TrL1FFjuGI0UwSgPNlRALiuLcjAVFY7bg/HCqjAKn0gWf9dKxpiRs9/Xz7smBxEwfvqJFTNHcaLFysYjf62ZJHfS0dKwV2n0VGp9MxFaprSH1J8wkfZ9Vlml+qP+YQIDAQAB"
$ host -t txt beta._domainkey.google.com.
beta._domainkey.google.com descriptive text "k=rsa\; t=y\; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMs93oc95ObA7OEQEbqjIy6YvRj1u3yVGTzQ3wkwRQTWx1fhvNQenPNFklaL+Tw9XFYUc3f8eY0hs3WUNQ+t+I0CAwEAAQ=="
Was it looking for a different type? Was the timeout so short that
it didn't get the reply?
--
-Gary Mills- -Unix Group- -Computer and Network Services-
Received on Mon Apr 25 2011 - 00:55:14 PST