Re: Verzögerung bei Mailzustellung extern (gelöst)

Andreas Wass - Glas Gasperlmair a.wass at glas-gasperlmair.at
Mi Dez 14 07:51:51 CET 2016


Hallo Alex!

Vielen Dank, dass du Zeit hattest, auch die anderen Parameter anzusehen.

Am 13.12.2016 um 19:25 schrieb Alex JOST:
> Am 13.12.2016 um 11:57 schrieb Andreas Wass - Glas Gasperlmair:
>> *Vielen Dank wieder Mal an Alex Jost !
>
> Schön, dass wir Dir helfen konnten :)
>
>
>> smtp_destination_rate_delay = 150s*
>> genau der hier war Schuld an der Verzögerung bei vielen gleichzeitigen
>> Emails an die selbe Domain.
>> Blöd, wenn man alles blind aus irgendeinem Tutorial übernimmt.
>
> Stimmt! An diesem Punkt könntest Du Dir jetzt auch noch überlegen 
> welche anderen Parameter Du einfach so blind kopiert hast. Ich denke 
> da z.B. an die Einstellungen für SSL/TLS.
Könntest du mir noch sagen, was du an den SSL/TLS Einstellungen ändern 
würdest?

*Anbei nochmal meine  postconf -n*
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
amavisd_milter = inet:127.0.0.1:8899
body_checks = pcre:/etc/postfix/body_checks_map
bounce_queue_lifetime = 3d
bounce_template_file = /etc/postfix/bounce.de-DE.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo 
cont; echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 
 >$config_directory/$process_name.$process_id.log & sleep 5
default_database_type = btree
default_privs = nobody
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/header_checks_map
html_directory = no
lmtp_generic_maps = btree:/etc/postfix/lmtp_generic_maps
lmtp_tls_protocols = $smtp_tls_protocols
mail_owner = postfix
mailbox_size_limit = 52428800
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 3d
message_size_limit = 52428800
mydestination = $myhostname localhost.$mydomain localhost
myhostname = mail1.glasgasperlmair.at
mynetworks = 127.0.0.0/8 [::1]/128 192.168.104.0/23 192.168.103.0/24
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
postscreen_access_list = permit_mynetworks 
cidr:/etc/postfix/postscreen_whitelist
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_blacklist_action = drop
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1 
b.barracudacentral.org*1
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_whitelist_threshold = 0
postscreen_greet_action = enforce
postscreen_non_smtp_command_enable = no
postscreen_pipelining_enable = no
postscreen_whitelist_interfaces = static:all
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.11.3/README_FILES
recipient_bcc_maps = btree:/etc/postfix/recipient_bcc_maps
recipient_canonical_classes = envelope_recipient
recipient_canonical_maps = btree:/etc/postfix/recipient_canonical_maps
recipient_delimiter = +
relay_domains = btree:/etc/postfix/relay_domains
relay_recipient_maps =
relocated_maps = btree:/etc/postfix/relocated_maps
sample_directory = /usr/share/doc/postfix-2.11.3/samples
sender_bcc_maps = btree:/etc/postfix/sender_bcc_maps
sender_canonical_classes = envelope_sender
sender_canonical_maps = btree:/etc/postfix/sender_canonical_maps
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
show_user_unknown_table_name = no
smtp_generic_maps = btree:/etc/postfix/smtp_generic_maps
smtp_tls_cert_file = $smtpd_tls_cert_file
smtp_tls_exclude_ciphers = aNULL eNULL EXPORT DES 3DES RC4 MD5 PSK aECDH 
EDH-DSS-DES-CBC3-SHA EDH-RSA-DES-CDC3-SHA KRB5-DE5 CBC3-SHA AES128-SHA 
DHE-RSA-AES128-SHA AES256-SHA DHE-RSA-AES256-SHA CAMELLIA128-SHA 
DHE-RSA-CAMELLIA128-SHA CAMELLIA256-SHA DHE-RSA-CAMELLIA256-SHA 
ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA
smtp_tls_key_file = $smtpd_tls_key_file
smtp_tls_loglevel = 0
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_discard_ehlo_keyword_address_maps = cidr:/etc/postfix/esmtp_access
smtpd_recipient_restrictions = check_recipient_access 
btree:/etc/postfix/access_recipient-rfc check_client_access 
cidr:/etc/postfix/access_client check_helo_access 
btree:/etc/postfix/access_helo check_recipient_access 
btree:/etc/postfix/access_recipient permit_sasl_authenticated 
permit_mynetworks check_sender_access btree:/etc/postfix/access_sender 
reject_unverified_recipient reject_unauth_destination permit
smtpd_relay_restrictions = permit_sasl_authenticated permit_mynetworks 
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/pki/postfix/certs/mail1.glasgasperlmair.at.crt
smtpd_tls_dh1024_param_file = /etc/pki/postfix/private/dh_2048.pem
smtpd_tls_dh512_param_file = /etc/pki/postfix/private/dh_512.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = aNULL eNULL EXPORT DES 3DES RC4 MD5 PSK 
aECDH EDH-DSS-DES-CBC3-SHA EDH-RSA-DES-CDC3-SHA KRB5-DE5 CBC3-SHA
smtpd_tls_key_file = /etc/pki/postfix/private/mail1.glasgasperlmair.at.key
smtpd_tls_loglevel = 0
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
tls_preempt_cipherlist = yes
transport_maps = btree:/etc/postfix/transport_maps, $relay_domains
unverified_recipient_reject_reason = Recipient address lookup failed
unverified_sender_reject_reason = Sender address lookup failed
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_maps = 
proxy:mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:[127.0.0.1]:24
>
> Für mich stellt sich auch die Frage warum Du manche DNSBLs in 
> Postscreen und dann nochmal mit smtpd_recipient_restrictions abfragst.
>
DNSBLs Prüfung macht ab sofort nur mehr postscreen.

Vielen Dank für die Hilfe
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <http://de.postfix.org/pipermail/postfix-users/attachments/20161214/1c9448e0/attachment.html>


Mehr Informationen über die Mailingliste postfix-users