Topic: either qmail or dns problems? slow sending mail

[Randy Lastinger]

I performed a fresh install of 6.03b and imported my config from 5.6.  Everything seems to work fine except for that clients are having really slow connections when sending mail.   Especially in the other buildings where they are connecting through vpn.  

I'm not sure if it's qmail, mailfront, or dns problems.  I've looked at the logs and it appears to be resolving in tinydns.  I don't see any errors saying it can't send.  It's just slow and I don't know why, and it's driving me nuts.

Any suggestions?

Cheers,

Shaggy

[%sig%]

[jb]

Shaggy,

I don't know what your specific problem might be, but 6.0 final has been released.  Your best bet is to install this version and see if your mail is still slow.  If so, then maybe this can be re-produced and the root cause found.  I only say to install the released code, because many folks are no longer bothering with the beta code issues anymore.

JB

[Randy Lastinger]

Hmm...  Okay.  I'll try that Monday, and let you know the results.  Hopefully that will work.  That's the only problem I have is just that sending mail is slow, other than that, it's great.

Thanks, I'll let you know by Tuesday.

Shaggy

[Randy Lastinger]

unfortunately, i still had the problem.  i went back to 5.6 for now and putting 6.0 back into development to see if i can figure it out.

i appreciate any help though.

Thanks,

Shaggy

[Patrick Hickey]

I am seeing the exact same thing on the Final 6.0 release (the free one).

I use a private tunnel from work, a VPN via the corporate Netscreen firewall at work and the home domain which uses a smaller version of the Netscreen.

Remote sending of email is agonizing. It takes at least one minute for the status window to change from Sending to Delivering. The same send takes virtually no time when physically at home.

The setup is exactly the same as it was for the server when it was 5.6 and then sending was immediate when performed remotely.

Shaggy, you are spot on as I am experiencing this exact issue.

regards,

patrick

[Randy Lastinger]

Patrick,

It's nice to know I'm not the only one.  I've actually decided to stick with 5.6 for now, but I've done a lot of customizing with it and upgrading with it to where it's pretty close to the same as 6.0 again, but not quite.  .

I'll wait a while before I try 6.0 again to find out if anybody reports fixes for stuff like that.

Thanks,

Shaggy

[Patrick Hickey]

Well, others have already flushed out a sizing issue with dovecot IMAP, though a simple solution was devised and fixed it.

I do not believe a simple solution will prevail for this issue as it likely includes components of the (new) DNS and DNS things can get nasty. Worse, is that is an EOL offering so each tick of the clock takes us farther from anyone giving a hoot about THIS specific distrib.

I wonder if the folks at MITEL have run into this "email sending is hugely slow when using a remote connection" bug as they still have paying customers?  I would be amazed if they did not know about it. Finding out how they deal with it is the key.

I have seriously been considering down revving to 5.6 just to get the maturity of BIND and U Wa's IMAP.

regards,

patrick

[%sig%]

[Damien Kearns]

I am having exactly the same problem with 6.03b, however I have a remote site connected via ISDN through 2 IPCOP devices. Each network is on a different subnet, I have enabled the remote network in the Local Network properties under the server manager and am able to receive emails really fast. However when sending it appears as though there is a 1-2 minute wait before the mail actually goes anywhere.

[Patrick Hickey]

The 6.03b version has the new tinyDNS and dovecot components . This delay goes away if you use 5.6 as it only manifests itself with the newer releases.

It is getting bad enough to consider downrevving. I am SURE one of the MITEL folks can fix this if they read this list or give a hoot. Neither is a given.

regards,

patrick

[slang]

Hi Guys.

I think I've found the problem that you are having with your qmail connection speeds. I have a similar sounding problem - probably the same.

I have SME in server mode on a DMZ, and am not using the SME DHCP.

What seems to have happened in the move to tinydns/dnscache is that SME is no longer (I'm assuming that it used to) creating reverse DNS entries for non locally connected networks.

In my case, with SME on a DMZ, it creates reverse entries for the LOCALLY connected network, (pc-00001 etc.) on 192.168.3.0/24, but NOT for any internal networks - 192.168.2.0/24.

When I send Email from any internal PC, it waits for the DNS timeout etc. and eventually sends the email.

The culprits are the templates that generate /var/service/tinydns/root/data (and therefore data.db which tinydns reads).

These templates are located @ /etc/e-smith/templates/var/service/tinydns/root/data (of course...) and grazing through them makes it plain.

I've experimented with editing /var/service/tinydns/root/data and forcing (temporarily) the rigth values, and it fixes my problems.

In my case, I need to add a line like:
.2.168.192.in-addr.arpa::127.0.0.1

as well as

=steves.spl.co.nz:192.168.2.129

This is what tinydns needs to fix the reverse resolving, but I don't know how to integrate this into the templates, nor the GUI....

Any suggestions?

I consider this quite a glearing bug really - I mean, SME on a DMZ, acting as DNS server for internal machines but no DHCP and reverse resolution breaks. I'm sure that 5.6 worked properly in this area.

Anyone able to fix the rest of this configuration? It's over my head for now.

Cheers -

[slang]

Hiya.

Well, after a bit more poking around, I have some more (good?) news.

smtpfront-qmail isn't that fussy about forward vs. reverse DNS mappings. What it wants, is a DNS reply, even a 'not found' or 'server fail' will do. We don't actually need complete reverse mappings. This is good news.

A simple (read: HACK) fix may be as follows:

If your PC's are on a non local network interface, and in this example it's: 192.168.2.0/24, try the following:

1) Modify the template that creates the tinydns configuration

cd /etc/e-smith/templates/var/service/tinydns/root/data/

Add the following to /etc/e-smith/templates/var/service/tinydns/root/data/30nameServers just below the similar code and in appropriate position w.r.t. curly braces etc.

    #Steves test...
     $reverse = esmith::util::computeLocalNetworkReversed ("192.168.2.0", "255.255.255.0");
     $reverse =~ s/\.$//;
     $OUT .= ".$reverse\:\:127.0.0.1\n";

2) Expand the config out to make the real config files
/sbin/e-smith/expand-template /var/service/tinydns/root/data

3) Compile the configuration into the DB format
/usr/local/bin/tinydns-data

Check the date/time stamps of both data and data.cdb. They should match or at least be very close.

4) Restart DNS services to force them to use the new values.

service dnscache stop
service tinydns stop
service tinydns start
service dnscache start


In my case, this effectively fixes the problem. It's nasty, but works, and if you add/delete any new hosts, this change will persist.

NOTES:
1) As per usual - any updates may over-write this, as it's not in the custom directory etc. Hey, I said it was a hack, right?
2) This may not work for you. It works for me.
3) I'm not sure of the best place to put this to automate it. Maybe in the section where you define local networks? Can we make the assumption that if you have a local network, you want to be authoritative for  the reverse DNS mappings?
4) Are there any official updates (6.01 etc.) that inlcude similar funcionality?


Any comments from anyone ex. Mitel? Seems that a few are having problems with this.

Am I way off track here, or does this help?

Cheers -

[Anonymous]

PS: That should be

cd /var/service/tinydns/root/data.cdb

and NOT

cd /etc/e-smith/templates/var/service/tinydns/root/data/

Better instructions on their way within a day or so...

Cheers -

[Anonymous]

Hello slang,
Could you help us and explain how to compil (point 3)
Yes we are newb... ..
Thank's

[Anonymous]

Check this link out:

http://forums.contribs.org/index.php?topic=21360.msg84399#msg84399

[patrickthickey]

Now, other than being ever so slightly concerned about the translation this appears to be exactly what I am seeking.

Hire this person!

regards,

patrick