Milter-greylist

An.H.Nguyen wrote:
 > - I can't fine /var/milter-greylist/milter-greylist.sock on one of my
 > two servers, should I copy this file over? (It's size is zero and has
 > a special permission settings srwxr-xr-x)

No.  You cannot copy a socket.  Sockets are special files
that are autmatically created when a server process binds
to a UNIX domain socket.  Restarting the server process
(in this case, milter-greylist) should be sufficient to
create the socket.

 > SW Versions:
 > Sendmail 8.12.10

You should upgrade ASAP.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"The ITU has offered the IETF formal alignment with its
corresponding technology, Penguins, but that won't fly."
        -- RFC 2549

We run 81211 with the patches. But anyway! If you are getting flooded to the 
point where for some unknown reason greylist goes down, you can use a cronjob 
like so:
---
*/10 * * * * /home/gdmilter/is-milter-alive.sh >/dev/null 2>&1
---

#!/bin/bash

pids=($(pgrep gdmilter))
if (( ${#pids[@]} > 3 ))
then
 echo "`date` up with ${#pids[@]}" >> /home/gdmilter/gdmilterlog

else
  echo down with ${#pids[@]} at $(date) >> /home/gdmilter/gdmilterlog

  rm -rf /home/gdmilter/milter-gdmilter.sock
  /etc/rc.d/init.d/gdmilter stop
  killall -9 gdmilter ; kill -9 $(pidof gdmilter)
  sleep 5; kill -9 `pidof gdmilter`

  /etc/rc.d/init.d/gdmilter start
  echo $(date) restarted >> /home/gdmilter/gdmilterlog
fi


---
Obviously we renamed the milter to gdmilter, and stuck the socket elsewhere, 
but you get the general idea. This will help get the milter back up if it 
gets overloaded to the point where it shuts down.

On Friday 27 October 2006 02:49 pm, Oliver Fromme wrote:
> An.H.Nguyen wrote:
>  > - I can't fine /var/milter-greylist/milter-greylist.sock on one of my
>  > two servers, should I copy this file over? (It's size is zero and has
>  > a special permission settings srwxr-xr-x)
>
> No.  You cannot copy a socket.  Sockets are special files
> that are autmatically created when a server process binds
> to a UNIX domain socket.  Restarting the server process
> (in this case, milter-greylist) should be sufficient to
> create the socket.
>
>  > SW Versions:
>  > Sendmail 8.12.10
>
> You should upgrade ASAP.
>
> Best regards
>    Oliver

On Fri, 27 Oct 2006, An.H.Nguyen wrote:

> Both of my Solaris sendmail gateways started to have some problems since 
> Oct.14 when the "Possible SMTP attack: command=HELO/EHLO, count=3" 
> appeared.
>
> - Sendmail stops repsonding for a short time then came back, this 
> happens several times a day
>
> - milter-greylist process died, then it came back on by itself in about 
> 5 minutes, this also happens serveral times a day
>
> - I can't fine /var/milter-greylist/milter-greylist.sock on one of my 
> two servers, should I copy this file over? (It's size is zero and has a 
> special permission settings srwxr-xr-x)

No, you should not copy it over.  It's a socket (hence the leading "s" in 
the permissions) and even if you could find a way to copy it, it wouldn't 
be connected to the milter-greylist process in a meaningful way.

Stop and re-start the milter-greylst daemon/process to recreate the 
socket.

> Some error messages (random picks, not in any orders):
>    milter-greylist: [ID 552762 mail.error] greylist: accept() returned invalid socket (Too many open files)

You need to find out if the number of files open is reasonable for your 
system load, and if so, increase the MAXFILES for the system, or find out 
what has gone wrong so that MAXFILES has been reached.

Help with that is somewhat outside of the scope of this mailing list, I 
would guess.

>    milter-greylist: [ID 879519 mail.warning] greylist: setsockopt() failed
>    Milter (greylist): timeout before data read
>    Milter (greylist): init failed to open
>    Milter (greylist): error connecting to filter: Connection refused by /var/milter-greylist/milter-greylist.sock
>    mimedefang-multiplexor[12219]: [ID 260045 mail.error] Reap: Idle slave 9 (pid 25739) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
>    mimedefang-multiplexor[12219]: [ID 389462 mail.error] Slave 6 died prematurely -- check your filter rules
>    mimedefang[12232]: [ID 847421 mail.error] Error from multiplexor: ERR No response from slave
>    mimedefang[27731]: [ID 758488 mail.warning] mfconnect: Error communicating with multiplexor
>    mimedefang-multiplexor[27727]: [ID 980602 mail.info] Slave 5 stderr: getservbyname failed for tcp at /usr/local/bin/mimedefang.pl line 529
>    sendmail[18155]: [ID 801593 mail.warning] k9RFFCUM018155: collect: premature EOM: unexpected close
>    sendmail[26774]: [ID 801593 mail.info] k9RHumxI026774: Milter (greylist): to error state
>
> SW Versions:
> Sendmail 8.12.10
> mimedefang version 2.51
> SpamAssassin version 3.0.3
>  running on Perl version 5.8.0
> milter-greylist: I'm not sure what version it is, help!..

I believe you can run "milter-greylist -r" to get its version.

> I'm new to this environment, I take over from a previous sysadmin who 
> left so I am desperate here... I think about upgrading, but affraid to 
> break things up. I have clone one of the gateways to a 3rd server and 
> able to do testings on it. Please help! An Nguyen



-- 
		"A witty saying proves nothing."
				-- Voltaire

finger://bigby@...
http://www.ephemeron.org/~bigby/
irc://irc.ephemeron.org/#the_pub
news://news.ephemeron.org/alt.lemurs

i have noticed some cases where if milter crashes .sock file still exists
and must manually be removed before milter will come up correctly. perhaps
code should do an unlink(2) before trying to bind ?



> > An.H.Nguyen wrote:
> >  > - I can't fine /var/milter-greylist/milter-greylist.sock on one of my
> >  > two servers, should I copy this file over? (It's size is zero and has
> >  > a special permission settings srwxr-xr-x)
> >
> > No.  You cannot copy a socket.  Sockets are special files
> > that are autmatically created when a server process binds
> > to a UNIX domain socket.  Restarting the server process
> > (in this case, milter-greylist) should be sufficient to
> > create the socket.


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

An.H.Nguyen <AnNguyen251@...> wrote:

> It looks like this is a single file program. What do I need to do If I
> want to upgrade it?

Download the latest tarball, build it and replace the milter-greylist
binary.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...