Menu
▾
▴
sqlgrey-users — Users of SQLgrey
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(10) |
Nov
(37) |
Dec
(66) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
(52) |
Feb
(136) |
Mar
(65) |
Apr
(38) |
May
(46) |
Jun
(143) |
Jul
(60) |
Aug
(33) |
Sep
(79) |
Oct
(29) |
Nov
(13) |
Dec
(14) |
| 2006 |
Jan
(25) |
Feb
(26) |
Mar
(4) |
Apr
(9) |
May
(29) |
Jun
|
Jul
(9) |
Aug
(11) |
Sep
(10) |
Oct
(9) |
Nov
(45) |
Dec
(8) |
| 2007 |
Jan
(82) |
Feb
(61) |
Mar
(39) |
Apr
(7) |
May
(9) |
Jun
(16) |
Jul
(2) |
Aug
(22) |
Sep
(2) |
Oct
|
Nov
(4) |
Dec
(5) |
| 2008 |
Jan
|
Feb
|
Mar
(5) |
Apr
(2) |
May
(8) |
Jun
|
Jul
(10) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
(32) |
May
|
Jun
(7) |
Jul
|
Aug
(38) |
Sep
(3) |
Oct
|
Nov
(4) |
Dec
|
| 2010 |
Jan
(36) |
Feb
(32) |
Mar
(2) |
Apr
(19) |
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
(6) |
Nov
(8) |
Dec
|
| 2011 |
Jan
(3) |
Feb
|
Mar
(5) |
Apr
|
May
(2) |
Jun
(1) |
Jul
|
Aug
(3) |
Sep
|
Oct
|
Nov
|
Dec
(6) |
| 2012 |
Jan
|
Feb
|
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
|
| 2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
(1) |
Sep
(1) |
Oct
|
Nov
(6) |
Dec
(10) |
| 2014 |
Jan
(8) |
Feb
|
Mar
|
Apr
|
May
|
Jun
(3) |
Jul
(34) |
Aug
(6) |
Sep
|
Oct
(1) |
Nov
|
Dec
|
| 2015 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(18) |
Jul
(13) |
Aug
(30) |
Sep
(4) |
Oct
(1) |
Nov
|
Dec
(4) |
| 2016 |
Jan
(2) |
Feb
(10) |
Mar
(3) |
Apr
|
May
|
Jun
(11) |
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
|
| 2017 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2019 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Dave S. <dst...@ma...> - 2007-01-28 17:05:30
|
First, some memcache background. You can find the details on http://www.dan= ga.com/memcached/ as well as the Perl APIs and a small example of code. =20 Memcache is a caching system which allows placing data in cache, and = getting it out quickly. You can think of memcache as a clipboard for data. = If System-A does a SQL lookup and gets the data, it takes a few microsecond= s to put it into memcached. Then when System-A, System-B, etc needs to do = the SQL query again, it checks the memcache "clipboard", and if it's = there, it reads it from memcache instead of reading from SQL. =20 Often code you write makes the same SQL SELECTs over and over again. Such = is the case with SQLGrey. Each email must be checked against SQL. However, = my code checks to see if we have already done the SQL lookup. For = instance, if SQLGrey gets an email from bo...@ao..., it can't find it in = memcache, so it needs to look it up in SQL. When it does, it saves the = result in memcached before it goes on as usual. Then, the next time = SQLgrey gets an email from bo...@ao..., it looks in the memcache and finds = the data. No need to bother SQL with the query.=20 =20 Using memcache saves time in the SQL lookup, but a small amount of time. I = have found memcached lookups are about 10x faster than our high-end SQL = servers, but still, we are talking about saving fractions of a second. = Where you really save data is in the load on SQL. If mail volume on = SQLGrey is only a few thousand emails a day, memcached will only save you = a few hundred SQL requests - not a huge savings. But, if you're SQL server = already runs slowly, or you get millions of emails a day, the savings in = load on your SQL server is substantial. =20 First off, at the top, I added two models MD5 and Memcached: =20 package sqlgrey; use strict; use Pod::Usage; use Getopt::Long 2.25 qw(:config posix_default no_ignore_case); use Net::Server::Multiplex; use DBI; use POSIX ':sys_wait_h'; use Sys::Hostname; use Digest::MD5; use Cache::Memcached; I used the MD5 library from CPAN to get a unique token so I could store = the result of the request. The following is an example of a function I = altered in SQLGrey. Comments are included. Note that all I am doing is = checking memcached for data before I look up in SQL. If I can't find it = in memcached, I look it up, and store it in memcached. You can try adding = this idea of caching into all the SQL lookups, and see which ones work = best for you. =20 sub is_in_from_awl { my ($self, $sender_name, $sender_domain, $host) =3D @_; =20 # Note I store the results of my find in memcached as "T" or "F". I = did this as I don't know how to use TRUE or FALSE in Perl, and since it's = such # a small amount of data, it should be wash in data storage. =20 # We need this as a variable as I will use it for the MD5 hash later. = Note the SQL is simpler than the=20 # original SQLGrey code. I did this to allow better caching=20 my $sql =3D "SELECT 1 FROM $from_awl WHERE sender_name =3D '$sender_nam= e' AND sender_domain =3D '$sender_domain' AND src =3D '$host'" ; =20 # Create a new variable with the SQL string as an MD5 hash. And yes, = Lionel said this was not a great idea ;-) use Digest::MD5; my $md5 ; $md5 =3D Digest::MD5->new; $md5->add($sql) ; my $md5_id =3D $md5->hexdigest ; print "SQL hashed to $md5_id \n" ; =20 # This memcached library came from http://www.danga.com/memcached/=20 use Cache::Memcached; =20 # I use three different memcached servers (note the fake IPs below - = use yours instead) and I use the standard port of "11211" # I set debug off (it may help when you are coding), and let the = library compress the data before it stores # it in memcached. You can use as few memcached servers as 1 to start, = and I would recommend this # until you are comfortable with memcached. Just add more into this = array as you need them. my $memcached =3D new Cache::Memcached { 'servers' =3D> ["1.2.3.4:11211", "1.2.3.5:11211","1.2.3.6:11211"], 'debug' =3D> 0 , 'compress_threshold' =3D> 10_000, }; =20 # Set the length of time you want this entry to Cache for. I set it to = expire in 14 days, but that's just what we did. # There are no "right" settings here. The TTL is measured in seconds. = After this time, the data will automatically # removed from cache. Set this low at first, perhaps 24 hours, until = you are comfortable with memcached. my $memcached_ttl =3D 60 * 60 * 24 * 14 ; =20 # With any luck, we know the value in memcached, and we will # look it up and return it here. No SQL transaction needed. my $boolean =3D $memcached->get("$md5_id"); if ($boolean) { # We found the boolean, and we return it. $self->mylog('whitelist', 2, "HIT from is_in_from_awl() - found in = memcached as $boolean \n") ; if ($boolean eq 'T') { return 1 ; } else { return 0 ; } } =20 $self->mylog('whitelist', 2, "MISS from is_in_from_awl() - not found = in memcached. \n") ; =20 # last_seen less than $self->{sqlgrey}{awl_age} days ago my $sth =3D $self->prepare("SELECT 1 FROM $from_awl " . 'WHERE sender_name =3D ? ' . 'AND sender_domain =3D ? ' . 'AND src =3D ? ' . 'AND last_seen > ' . $self->past_tstamp($self->{sqlgrey}{awl_age}, 'DAY') ); if (!defined $sth or !$sth->execute($sender_name, $sender_domain, $host)) = { $self->db_unavailable(); $self->mylog('dbaccess', 0, "error: couldn't access $from_awl table: = $DBI::errstr"); return 1; # in doubt, accept } else { $self->db_available(); } my $result =3D $sth->fetchall_arrayref(); if ($#$result !=3D 0)=20 { $memcached->set("$md5_id", "F", $memcached_ttl); return 0; # not a single entry }=20 else=20 { $memcached->set("$md5_id", "T", $memcached_ttl); return 1; # one single entry (no multiple entries by design) } } >>> Dan Faerch <da...@ha...> 11:07 AM Sunday, January 28, 2007 >>> Dave Strickler wrote: > memcached. Since using SQLGrey with memcached, we are seeing a drop of = about 2 LA points. From about 5 to about 3. Of course, this=20 Thats not bad at all, actually. > 'real' way. I am not a full-time programmer, just a salty-dog CTO, and = don't even know Perl. What I have is a hack, and I need a Perl=20 Im not a full-time coder at all. Though i have been coding for 10-15=20 years, Perl i something i was "forced" to learn at work, to be able to=20 maintain some of our other core systems. And how i really really hate=20 Perl ;).. I think ive probably spend around 8 weeks of perl coding in = my=20 entire life, 3 of them dedicated to sqlgrey. Mostly its somewhat easy for me, since it resembles C so much, but all=20 this @var, $var, $@var, $#{$var}, ect. can be really hard for me=20 sometimes ;). Luckily im a very thorough tester of my own code. > Who and where should I send this code snippet ? Well.. I usually always post my patches here first before throwing into = CVS. Though most ppl probably dont read/try the patches, its comforting to = know that everyone at least had a chance to point out any mistakes ;) - Dan ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share = your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE= VDEV=20 _______________________________________________ Sqlgrey-users mailing list Sql...@li...=20 https://lists.sourceforge.net/lists/listinfo/sqlgrey-users This message has been certified virus-free by MailWise Filter - The real-ti= me, intelligent, e-mail firewall used to scan inbound and outbound messages = for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:= //www.mailwise.com=0A |
|
From: Dan F. <da...@ha...> - 2007-01-28 16:40:53
|
Dave Strickler wrote:
> 1. There are more functions writing to syslog than I think...
>
Dunno.. Try ie. commenting out all syslog stuff from the:
"my $server = bless {" block.
>
> 2. Something else besides the roll of /var/log/mail is causing these errors.
>
>
Well.. If you can skew the logrotation 30 minutes youd know if its related.
Other than that i cant think of anything else..
- Dan
|
|
From: Dave S. <dst...@ma...> - 2007-01-28 16:26:27
|
Then we are in the same boat - I'm not a fan of Perl either, but it does =
run fast, and with low system footprint, and I have always been impressed =
with that. Ironically, I think it makes a great platform for SQLGrey.
=20
As for the code, I will post a module here in a few minutes. I don't know =
how to do a patch, and I bet it would be a mess for me as I have customized=
SQLGrey with in-house tweaks that I can't share {sorry}.
=20
Dave Strickler
MailWise LLC
617-933-5810 (direct)
www.mailwise.com ( http://www.mailwise.com/ )
"Intelligent E-mail Protection"
>>> Dan Faerch <da...@ha...> 11:07 AM Sunday, January 28, 2007 >>>
Dave Strickler wrote:
> memcached. Since using SQLGrey with memcached, we are seeing a drop of =
about 2 LA points. From about 5 to about 3. Of course, this=20
Thats not bad at all, actually.
> 'real' way. I am not a full-time programmer, just a salty-dog CTO, and =
don't even know Perl. What I have is a hack, and I need a Perl=20
Im not a full-time coder at all. Though i have been coding for 10-15=20
years, Perl i something i was "forced" to learn at work, to be able to=20
maintain some of our other core systems. And how i really really hate=20
Perl ;).. I think ive probably spend around 8 weeks of perl coding in =
my=20
entire life, 3 of them dedicated to sqlgrey.
Mostly its somewhat easy for me, since it resembles C so much, but all=20
this @var, $var, $@var, $#{$var}, ect. can be really hard for me=20
sometimes ;).
Luckily im a very thorough tester of my own code.
> Who and where should I send this code snippet ?
Well.. I usually always post my patches here first before throwing into =
CVS. Though most ppl probably dont read/try the patches, its comforting to =
know that everyone at least had a chance to point out any mistakes ;)
- Dan
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share =
your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE=
VDEV=20
_______________________________________________
Sqlgrey-users mailing list
Sql...@li...=20
https://lists.sourceforge.net/lists/listinfo/sqlgrey-users
This message has been certified virus-free by MailWise Filter - The real-ti=
me, intelligent, e-mail firewall used to scan inbound and outbound messages =
for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:=
//www.mailwise.com=0A
|
|
From: Dan F. <da...@ha...> - 2007-01-28 16:08:04
|
Dave Strickler wrote:
> memcached. Since using SQLGrey with memcached, we are seeing a drop of about 2 LA points. From about 5 to about 3. Of course, this
Thats not bad at all, actually.
> 'real' way. I am not a full-time programmer, just a salty-dog CTO, and don't even know Perl. What I have is a hack, and I need a Perl
Im not a full-time coder at all. Though i have been coding for 10-15
years, Perl i something i was "forced" to learn at work, to be able to
maintain some of our other core systems. And how i really really hate
Perl ;).. I think ive probably spend around 8 weeks of perl coding in my
entire life, 3 of them dedicated to sqlgrey.
Mostly its somewhat easy for me, since it resembles C so much, but all
this @var, $var, $@var, $#{$var}, ect. can be really hard for me
sometimes ;).
Luckily im a very thorough tester of my own code.
> Who and where should I send this code snippet ?
Well.. I usually always post my patches here first before throwing into CVS. Though most ppl probably dont read/try the patches, its comforting to know that everyone at least had a chance to point out any mistakes ;)
- Dan
|
|
From: Dave S. <dst...@ma...> - 2007-01-28 15:11:15
|
Dan (and anyone else that wants to chime in),
=20
I have altered the "sub mylog {}" to make it not write logs at all, and =
altered again to write to a separate file on /tmp, and still, at the top =
of each hour, I get a "450 Server config..." error on each message.
=20
This leads me to think there are 2 possibilities:
=20
1. There are more functions writing to syslog than I think...
=20
2. Something else besides the roll of /var/log/mail is causing these =
errors.
=20
Anything else I should be looking for ?
=20
=20
Dave Strickler
MailWise LLC
617-933-5810 (direct)
www.mailwise.com ( http://www.mailwise.com/ )
"Intelligent E-mail Protection"
This message has been certified virus-free by MailWise Filter - The real-ti=
me, intelligent, e-mail firewall used to scan inbound and outbound messages =
for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:=
//www.mailwise.com=0A
|
|
From: Riaan K. <ria...@gm...> - 2007-01-28 12:28:47
|
On 26/01/07, Dan Faerch <da...@ha...> wrote: > > Riaan Kok wrote: > > How difficult would it be to allow the postfix attributes on both > > sides of the regexp? > > > > Without going into the discussion as to how usefull this would be, > static comparison (no regex involved) is very simple to make and i see > no the harm in it > > Ive made a "non-intrusive" patch. Everything will work as before (this i > have already tested on a live-system). > Only difference is, that it now also accepts: > == > and > != > (instead of =~ and !~ which means regex) > > Ie.: > sender_domain == recipient_domain > client_name != helo_name > > > The patch is attached. Apply using: > $ patch /path/to/sqlgrey < sqlgrey-discrimination-attr.patch > > Give it a try and tell me if it does the job for you. > > - Dan sweet; nice and small patch; thanks! I'll test it early this week, and if there's any interesting statistics that pops out, I'll post them.. Riaan |
|
From: Dave S. <dst...@ma...> - 2007-01-28 03:40:30
|
>>> Dan Faerch <da...@ha...> 6:33 PM Saturday, January 27, 2007 >>> Dave Strickler wrote: > I altered the source to do memcached lookups on everything except the = "connect" table since that would get a lot of INSERTs that were never read = again. I am seeing a 20%-40% hit on memcached, and the load on the = Postgres server that handles the SQLGrey DB is down by a few LA "points". > =20 Sounds very interesting. One of my collegues have been going on and on=20 about how i should be using memcached for sqlgrey, but i was unsure = that=20 it would do anything for us. By "LA" you mean Load Average?. And what=20 how much are "points"? -0.3 or -2.0 ect.? >>>> Yes, LA=3DLoad Average. Our SQLGrey DB runs on a beefy server with = one other DB that's almost all ready-only, and is not (yet) served via = memcached. Since using SQLGrey with memcached, we are seeing a drop of = about 2 LA points. From about 5 to about 3. Of course, this varies with = time of day, etc. =20 I dont know much about memcached, but INSERTS (and generally write=20 operations) are usually pretty heavy on SQL servers, so why not include=20 the "connect" table as well? >>> I tried the connect table, and got "good", but not "great" performance.= I think this is due to the nature of the table, and the nature of a = cache. I don't know about your site (and I would like to hear about it), = but our connect table gets about 30% of it's initial INSERTs come back for = a 2nd attempt, and are then removed from the table. So, the best cache we = could ever expect was 30%, and by it's nature, the 30% will only benefit = from a cache once. Think of the connect table as a "write-once, read-once" = table. Tables like the AWL, are "write-once, read-many", and therefore = greatly benefit from a cache. As with any caching system, you have to = *watch* what you are caching. Just "caching it all" can add overhead, and = fill up your cache with needless data. And what about the boxes running memcached. Do they take the perfomance=20 hit instead of the SQL server? >>> Boxes are older CPU servers that used to run SQL, etc, and have a lot = of RAM, but CPUs that are lacking by today's standards. With memcached = using RAM only, they certainly take the hit off SQL, but don't really take = a hit themselves. Much like writing to a RAM disk in Linux, you don't see = any noticeable increase in LA (or anything else) on heavy I/O functions. = So, the servers running memcached aren't even dedicated servers, although = we don't have them running any large CPU loads. Im very curious as to what i can gain in a clustered setup like mine,=20 where each mailserver has its own SQL-slave, if each mailserver also = has=20 to run memcached. >>> My guess is your Cluster will get a lot less reads ;-) > So, I am pleased with the memcached changes, and will tune the system a = bit more and let everyone know when I have squeezed every bit of power = from it. Once this is done, I will make the changes for v1.7 and get them = to Lionel for anyone to use.=20 > =20 You mean 1.7.4 right? That would be great, since it probably will make=20 it much easier for either of us to patch the CVS version. >>> Yes, any version you want. I am going to share how to make a module = (like is_in_awl()) use memcached, and let you all write the code the = 'real' way. I am not a full-time programmer, just a salty-dog CTO, and = don't even know Perl. What I have is a hack, and I need a Perl coder to = clean up the code. It's only about 20 lines of templated change in a few = modules, so it won't be much work. Who and where should I send this code = snippet ? =20 --- Dave - Dan ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share = your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE= VDEV=20 _______________________________________________ Sqlgrey-users mailing list Sql...@li...=20 https://lists.sourceforge.net/lists/listinfo/sqlgrey-users This message has been certified virus-free by MailWise Filter - The real-ti= me, intelligent, e-mail firewall used to scan inbound and outbound messages = for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:= //www.mailwise.com=0A |
|
From: Dan F. <da...@ha...> - 2007-01-27 23:33:45
|
Dave Strickler wrote: > I altered the source to do memcached lookups on everything except the "connect" table since that would get a lot of INSERTs that were never read again. I am seeing a 20%-40% hit on memcached, and the load on the Postgres server that handles the SQLGrey DB is down by a few LA "points". > Sounds very interesting. One of my collegues have been going on and on about how i should be using memcached for sqlgrey, but i was unsure that it would do anything for us. By "LA" you mean Load Average?. And what how much are "points"? -0.3 or -2.0 ect.? I dont know much about memcached, but INSERTS (and generally write operations) are usually pretty heavy on SQL servers, so why not include the "connect" table as well? And what about the boxes running memcached. Do they take the perfomance hit instead of the SQL server? Im very curious as to what i can gain in a clustered setup like mine, where each mailserver has its own SQL-slave, if each mailserver also has to run memcached. > So, I am pleased with the memcached changes, and will tune the system a bit more and let everyone know when I have squeezed every bit of power from it. Once this is done, I will make the changes for v1.7 and get them to Lionel for anyone to use. > You mean 1.7.4 right? That would be great, since it probably will make it much easier for either of us to patch the CVS version. - Dan |
|
From: Dave S. <dst...@ma...> - 2007-01-26 23:43:52
|
As promised, I am reporting back with my findings. Please take them as = "what I see", your milage will vary... =20 I altered the source to do memcached lookups on everything except the = "connect" table since that would get a lot of INSERTs that were never read = again. I am seeing a 20%-40% hit on memcached, and the load on the = Postgres server that handles the SQLGrey DB is down by a few LA "points". =20 So, I am pleased with the memcached changes, and will tune the system a = bit more and let everyone know when I have squeezed every bit of power = from it. Once this is done, I will make the changes for v1.7 and get them = to Lionel for anyone to use.=20 =20 =20 Dave Strickler MailWise LLC 617-933-5810 (direct) www.mailwise.com ( http://www.mailwise.com/ ) "Intelligent E-mail Protection" This message has been certified virus-free by MailWise Filter - The real-ti= me, intelligent, e-mail firewall used to scan inbound and outbound messages = for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:= //www.mailwise.com=0A |
|
From: Dan F. <da...@ha...> - 2007-01-26 16:35:29
|
Riaan Kok wrote: > How difficult would it be to allow the postfix attributes on both > sides of the regexp? > > First, thanks for writing,.. I was beginning to worry that i was the only one finding the discrimination feature usefull :). Without going into the discussion as to how usefull this would be, static comparison (no regex involved) is very simple to make and i see no the harm in it Ive made a "non-intrusive" patch. Everything will work as before (this i have already tested on a live-system). Only difference is, that it now also accepts: == and != (instead of =~ and !~ which means regex) Ie.: sender_domain == recipient_domain client_name != helo_name The patch is attached. Apply using: $ patch /path/to/sqlgrey < sqlgrey-discrimination-attr.patch Give it a try and tell me if it does the job for you. - Dan |
|
From: David L. <da...@la...> - 2007-01-26 10:30:36
|
Riaan Kok wrote: > How difficult would it be to allow the postfix attributes on both > sides of the regexp? > > If you add two derivative attributes: > sender_domain & recipient_domain > you can activate greylisting if: > sender_domain =~ recipient_domain > which would be a very nice rule for anyone running a relay. I see > many spam forgeries where a sender address is designed to fall under > the same organisation domain to appear legit. Another rule to play > with would be: > client_name !~ helo_name > which, although standards-compliant AFAIK, might be a bit harsh, I > don't know. Possibly there are other tricks to invent if the postfix > attributes can be used as plain variables both sides of the > discrimination regexp, but can't think of another example now. > > What do you think? I would keep it simple. Postfix can already do this sort of thing in its access maps with restriction classes. So do it there, don't duplicate functionality. Later, DAvid |
|
From: Riaan K. <ria...@gm...> - 2007-01-26 09:33:39
|
How difficult would it be to allow the postfix attributes on both sides of the regexp? If you add two derivative attributes: sender_domain & recipient_domain you can activate greylisting if: sender_domain =~ recipient_domain which would be a very nice rule for anyone running a relay. I see many spam forgeries where a sender address is designed to fall under the same organisation domain to appear legit. Another rule to play with would be: client_name !~ helo_name which, although standards-compliant AFAIK, might be a bit harsh, I don't know. Possibly there are other tricks to invent if the postfix attributes can be used as plain variables both sides of the discrimination regexp, but can't think of another example now. What do you think? thanks, Riaan |
|
From: Dan F. <da...@ha...> - 2007-01-24 19:07:13
|
Forgot to attach patch.. Dan Faerch wrote: > Patch to change db_cleanup timekeeping for both normal and clustered setup. > > To fix item from tracker: > [ 1574884 ] db_clean_host name and HOSTNAME > > Feel free to check it and make comments. > > Notes on patch: > Old HOSTNAME codes is not removed yet to keep this diff simple to read. > > Added new value into "config" table. "last_dbclean". Contains unix > timestampor zero. > Changed/corrected updateconfig() to return number of affected rows > Changed updateconfig() to allow 1 extra arg. If given, the arg will be > added to sql's where statement: "AND value='$arg'" (used for > "old_timestamp") > Removed "next_maint" everywhere. > Removed dbclean on startup > > > > - Dan > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Sqlgrey-users mailing list > Sql...@li... > https://lists.sourceforge.net/lists/listinfo/sqlgrey-users > > |
|
From: Dan F. <da...@ha...> - 2007-01-24 19:05:31
|
Patch to change db_cleanup timekeeping for both normal and clustered setup. To fix item from tracker: [ 1574884 ] db_clean_host name and HOSTNAME Feel free to check it and make comments. Notes on patch: Old HOSTNAME codes is not removed yet to keep this diff simple to read. Added new value into "config" table. "last_dbclean". Contains unix timestampor zero. Changed/corrected updateconfig() to return number of affected rows Changed updateconfig() to allow 1 extra arg. If given, the arg will be added to sql's where statement: "AND value='$arg'" (used for "old_timestamp") Removed "next_maint" everywhere. Removed dbclean on startup - Dan |
|
From: <Car...@db...> - 2007-01-24 17:37:01
|
My logs show quite a lot of these messages: Jan 24 18:25:46 hostname postfix/smtpd[6778]: [ID 947731 mail.warning] = warning: problem talking to server 127.0.0.1:2501: No such file or = directory Jan 24 18:25:45 hostname postfix/smtpd[6123]: [ID 947731 mail.warning] = warning: timeout on 127.0.0.1:2501 while reading input attribute name and Jan 24 17:57:53 hostname postfix/smtpd[23742]: [ID 947731 mail.warning] = warning: connect to 127.0.0.1:2501: Connection timed out But sqlgrey is up and running and produces normal log entries like as = well Jan 24 18:29:56 hostip sqlgrey: grey: new: a.b.c.d(a.b.c.d), test@local = -> te...@lo... Seems like the daemon doesn't answer fast enough or not at all - any = ideas or fixes? |
|
From: Paul B. <pa...@hy...> - 2007-01-23 11:48:19
|
Just to confirm this has gotten rid of the error for me as well. Thanks a lot. Paul -----Original Message----- From: sql...@li... [mailto:sql...@li...] On Behalf Of Dan Faerch Sent: Saturday, January 20, 2007 1:12 PM To: sql...@li... Subject: [Sqlgrey-users] 1.7.4 warnings I need a helping hand.. >> Name "DBIx::DBCluster::DEBUG" used only once: possible typo at >> /usr/sbin/sqlgrey line 2413. >> Name "DBIx::DBCluster::WRITE_HOSTS_NEVER_READ" used only once: possible >> typo at /usr/sbin/sqlgrey line 827. >> Name "DBIx::DBCluster::CLUSTERS" used only once: possible typo at >> /usr/sbin/sqlgrey line 818.=20 I cant get these warnings on to appear any of my computers (no idea why), so i cant verify that my patch makes them go away. Could someone who actually gets these warnings apply the attached patch and check that they disappear? $ patch /path/to/your/sqlgrey < sqlgrey-trivial.patch - Dan |
|
From: Dan F. <da...@ha...> - 2007-01-21 21:34:04
|
Dave Strickler wrote:
> had these "450 Server Config Problems" long before the mods.
>
Well.. Ive had that error plenty of times on our own, self-coded
policy-deamons some years ago ;). I didnt mention it because your error
is "connection timeout", while mine is "connection refused". The latter
indicates that the port is no longer listening (eg. the deamon crashed
and halted), where your error seems to indicate very slow response.
> Question: Do you run the cleanup in Async or Sync mode? We have been running Async, and I have always feared this was a problem, even though we have tested Sync mode and gotten the same errors.
>
Due to the warning in sqlgrey.conf ("BEWARE: lockups have been
reported"), we do NOT use async. I havent even tested async.
> I also noted that you run MySQL instead of Postgres. It would be possible for us to switch, but certainly difficult to try just for testing.
>
Hmm. Dunno.. This day and age, MySQL and Postgres should be pretty equal
in perfomance. However i never REALLY used postgres, so i can say for sure.
> Also, we almost always get these errors at the top of the hour. The only cronjob that runs at the top of the hour is a process that rolls our log files, and gzips them for us. During the gzip process the load spikes a little, but not much, even through the gzip process may take 90% of the CPU for 30-60 seconds.
>
Well.. You could change the cron time 30 minutes and see if it still
coincides with the error.
I remember hunting alot of errors like this..
With postgrey i got "450 Server configuration error" if the cleanup
didnt finish quickly enough.. So i disabled cleaup, and had it run at 5
am from a cronjob, then restart postfix to make sure.
One of our other policy-daemons had a tendency of hanging, not every
day, but always around 6am when it happend. Turns out logrotate ran at
6am. And logrotate stops syslog while rotating.
We have an outstanding bug in sqlgrey (due to be fixed very soon) that
kills sqlgrey if syslog isnt running and sqlgrey is trying to write a
log entry. If you rotate your logs every hour, that may include
restarting syslog. If a mail transaction is initiated in the time it
takes to rotate your logs, sqlgrey will probably die. That would explain
your problem, however logic dictates that it would result in "Connection
refused", not a timeout.. But i may be wrong :)
- Dan
|
|
From: Dave S. <dst...@ma...> - 2007-01-21 20:40:56
|
Actually it does help - thanks!
=20
It gives me a sense that we're not using SQLGrey in a strange way, or have =
it configured wrong. We have made several mods to the code, but we have =
had these "450 Server Config Problems" long before the mods.
=20
Question: Do you run the cleanup in Async or Sync mode? We have been =
running Async, and I have always feared this was a problem, even though we =
have tested Sync mode and gotten the same errors.
=20
I also noted that you run MySQL instead of Postgres. It would be possible =
for us to switch, but certainly difficult to try just for testing.
=20
Also, we almost always get these errors at the top of the hour. The only =
cronjob that runs at the top of the hour is a process that rolls our log =
files, and gzips them for us. During the gzip process the load spikes a =
little, but not much, even through the gzip process may take 90% of the =
CPU for 30-60 seconds.
=20
Thanks,
=20
-- Dave
>>> Dan Faerch <da...@ha...> 12:37 PM Sunday, January 21, 2007 >>>
Dave Strickler wrote:
> Currently we're using SQLGrey v1.6.7, and we are getting a lot of =
"warning: connect to 127.0.0.1:2501: Connection timed out". They seem to =
come in clumps, as if the SQLGrey code was very busy, and couldn't answer =
the requests. This gives a "450 Server configuration problem" to the =
Sender, and makes the sender think we have done something very bad.
> =20
We have never had the problem with sqlgrey you describe.
I can't solve your problem, but i can tell you what we have made our =
setup:
In our cluster of mailservers, each server is scaled to handle about=20
600.000 mail-requests daily. (some a little more or a little less based=20
on hardware). The same cluster nodes run 2 other policy-deamons, our =
own=20
"malware-sandbox", spamassasin and virusscanning using 3 scanners. On=20
each node, that is.
In peak-hour they sometimes have a load of 4.0-8.0, but they still run=20
great.
In master.cf we have raised the limit of simultaneous smtpd to 500,=20
based on real-life measurements (debian default is 50 i think). So=20
thats maximum 500 simultaneous request for sqlgrey as well.
We use sqlgrey's db_clustering. All writes go to a central MySQL, read=20
request go to a MySQL on 127.0.0.1.
The MySQL clutster also handles postfix'es Access, Virtual & transport=20
tables and Spam/Virus quarantine. So SQL is pretty busy as well.
Sqlgrey is configured in Postfix main.cf as such:
---------------------
smtpd_restriction_classes =3D sqlgrey
sqlgrey =3D check_policy_service inet:127.0.0.1:2501
smtpd_sender_restrictions =3D
sqlgrey
<other restrictions go here>
---------------------
Most hardware is:
- Dual Xeon 3.00GHz
- 2 x 60gig scsi discs, running as a raid MIRROR (not for speed=20
obviously, but for safety)
- 1 gig ram.
Dont know if this helps you in any way :)
- Dan
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share =
your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE=
VDEV=20
_______________________________________________
Sqlgrey-users mailing list
Sql...@li...=20
https://lists.sourceforge.net/lists/listinfo/sqlgrey-users
This message has been certified virus-free by MailWise Filter - The real-ti=
me, intelligent, e-mail firewall used to scan inbound and outbound messages =
for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:=
//www.mailwise.com=0A
|
|
From: Dan F. <da...@ha...> - 2007-01-21 17:37:15
|
Dave Strickler wrote:
> Currently we're using SQLGrey v1.6.7, and we are getting a lot of "warning: connect to 127.0.0.1:2501: Connection timed out". They seem to come in clumps, as if the SQLGrey code was very busy, and couldn't answer the requests. This gives a "450 Server configuration problem" to the Sender, and makes the sender think we have done something very bad.
>
We have never had the problem with sqlgrey you describe.
I can't solve your problem, but i can tell you what we have made our setup:
In our cluster of mailservers, each server is scaled to handle about
600.000 mail-requests daily. (some a little more or a little less based
on hardware). The same cluster nodes run 2 other policy-deamons, our own
"malware-sandbox", spamassasin and virusscanning using 3 scanners. On
each node, that is.
In peak-hour they sometimes have a load of 4.0-8.0, but they still run
great.
In master.cf we have raised the limit of simultaneous smtpd to 500,
based on real-life measurements (debian default is 50 i think). So
thats maximum 500 simultaneous request for sqlgrey as well.
We use sqlgrey's db_clustering. All writes go to a central MySQL, read
request go to a MySQL on 127.0.0.1.
The MySQL clutster also handles postfix'es Access, Virtual & transport
tables and Spam/Virus quarantine. So SQL is pretty busy as well.
Sqlgrey is configured in Postfix main.cf as such:
---------------------
smtpd_restriction_classes = sqlgrey
sqlgrey = check_policy_service inet:127.0.0.1:2501
smtpd_sender_restrictions =
sqlgrey
<other restrictions go here>
---------------------
Most hardware is:
- Dual Xeon 3.00GHz
- 2 x 60gig scsi discs, running as a raid MIRROR (not for speed
obviously, but for safety)
- 1 gig ram.
Dont know if this helps you in any way :)
- Dan
|
|
From: Dave S. <dst...@ma...> - 2007-01-21 16:08:05
|
I have got this up and running for the AWL code, and it seems to be = helping a little, but not a lot. Certainly the DB reads are faster, but = they are so fast to start with that I am only saving 100ths of seconds on = each one. =20 My main goal is lighten the load on Postgres during the day by reducing = the amount of SELECTs that need to be done. I will keep the listed posted = on the results I have seen, and certainly share my sloppy Perl code with = Lionel if it helps improve SQLGrey. =20 =20 Dave Strickler MailWise LLC 617-933-5810 (direct) www.mailwise.com ( http://www.mailwise.com/ ) "Intelligent E-mail Protection" This message has been certified virus-free by MailWise Filter - The real-ti= me, intelligent, e-mail firewall used to scan inbound and outbound messages = for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:= //www.mailwise.com=0A |
|
From: Dave S. <dst...@ma...> - 2007-01-21 16:03:07
|
I am looking for some configuration advice from the list.=20 =20 Currently we're using SQLGrey v1.6.7, and we are getting a lot of = "warning: connect to 127.0.0.1:2501: Connection timed out". They seem to = come in clumps, as if the SQLGrey code was very busy, and couldn't answer = the requests. This gives a "450 Server configuration problem" to the = Sender, and makes the sender think we have done something very bad. =20 Now, I will say that we run the code on many servers, and each of them get = about a million inbound emails per day. Of course, most of that is junk, = but SQLGrey needs to process it anyway. So, SQLGrey is working very hard. = However, even on off-hours (nights & weekends), we still get these. =20 We're running Postgres for our server, and the DB is not being hit = excessively when we get these, and all the hardware we run is top-notch. =20 My questions are: =20 1. Does anyone else get these and is there a fix ? =20 2. What's the "preferred" method of setting up your main.cf and master.cf = files for SQLGrey ? =20 Thanks, =20 -- Dave This message has been certified virus-free by MailWise Filter - The real-ti= me, intelligent, e-mail firewall used to scan inbound and outbound messages = for SPAM, Viruses and Content. =0A=0A For more information, please visit: http:= //www.mailwise.com=0A |
|
From: Dan F. <da...@ha...> - 2007-01-21 00:58:51
|
Lionel Bouton wrote: > Just to make sure we understand each other: > Exactly what i meant. > Oracle, DB2, MySQL, > PostgreSQL and SQLite last time I checked Ok.. Then i dont need to install a ton of DBD's to check this ;). > (SQLite is in fact out of > scope, I can't imagine people running several SQLgreys against one > SQLite DB...). > Without knowing a whole lot about sqlite, i cant really see how that would even be possible.. > Lionel, who should really, really start packing for his trip tomorrow. > Tomorrow?!? Then its WAY past your bedtime ;) - Dan |
|
From: Lionel B. <lio...@bo...> - 2007-01-20 22:55:41
|
Dan Faerch wrote the following on 20.01.2007 23:28 : > Lionel Bouton wrote: > >>> Like this: >>> SELECT. >>> >>> >>> >> I don't really understand what you meant with this SELECT. >> >> >> > Select * from whatever WHERE last_cleanup < sumthing-sumthing. > You need to select the last cleanup time, to be able to compare if > another sqlgrey already did it. > Just to make sure we understand each other: You only need to SELECT the "last_cleanup" value once after each attempted cleanup (and on startup). You then compute the next "expected" cleanup value (simply by adding the delay). On each mail to process, you check if now > "expected" and only try the update with the UPDATE ... SQL statement when this is true. Whatever happens (0 or 1 row updated) you have to refresh the "last_cleanup" value to compute the next "expected" cleanup value. So you SELECT the actual "last_cleanup" value again if the update didn't affect any row or use the one you gave in the update in the other case. > But i guess i need to know if "affected rows" work on all sql's? > > It does, it is standard SQL to return the number of affected rows for each UPDATE statement. At least it worked for me on Oracle, DB2, MySQL, PostgreSQL and SQLite last time I checked (SQLite is in fact out of scope, I can't imagine people running several SQLgreys against one SQLite DB...). Lionel, who should really, really start packing for his trip tomorrow. |
|
From: Dan F. <da...@ha...> - 2007-01-20 22:29:09
|
Lionel Bouton wrote: >> Like this: >> SELECT. >> >> > > I don't really understand what you meant with this SELECT. > > Select * from whatever WHERE last_cleanup < sumthing-sumthing. You need to select the last cleanup time, to be able to compare if another sqlgrey already did it. >> Determine if its time to do clean up.. >> If yes -> sleep random(0-x) >> UPDATE (blahblah) WHERE `timestamp`='<timestamp from SELECT>' >> If affected_rows > 0 then do_cleanup. >> >> >> > > Hum I forgot about this method. But why sleep? Assuming you have the > expected timestamp at which you think you should cleanup (the cached > value I spoke of) : > UPDATE <table> SET timestamp = expected where timestamp < expected. > > And as you pointed out, the number of affected rows tells us if we are > responsible for the cleanup: > - 0: no someone else managed to modify the timestamp just before us > (just update the "expected" cache) > - 1: yes we are the one ! update the "expected" cache and cleanup. > > No need to sleep, no two clients can really update the same row given > Youre right.. Didnt think of that. I wrote it because i usually SELECT twice. SELECT 1. Do some math or whatever, SLEEP random and SELECT 2, to make sure noone has already changed this. But i guess i need to know if "affected rows" work on all sql's? > processes or threads (which probably better explains my comments on DNS > queries). > > It does explain it, yes.. > SPF breaks email forwarding (SRS is a solution but _all_ forwarding > mailservers should support it in order for it to work properly), only > tells you that the server is authorized for a domain and not if it wants > to send SPAM and is so poorly understood that it breaks email in many > places (I've seen anti-SPAM appliances/proprietary software which > checked the From header instead of the Return-path for example...). > Im still not convinced its a bad idea.. But ill give it some more though before rushing into it.. - Dan |
|
From: Lionel B. <lio...@bo...> - 2007-01-20 22:18:10
|
Dan Faerch wrote the following on 20.01.2007 22:53 : > > Not a bad idea at all.. Except for the race condition you mention and > having to change the db-schema, which you explicitly told me not to do ;) > > On 1.6.x yes. Database schema changes are tricky, because you don't want to have to revert them so you better get them right in the first place. This said 1.7.x is the place where you can have database schema changes. > > >>> You could have race conditions where 2+ SQLgrey wants to update at the >>> very same time. >>> >>> > For problems like this, i usually do random(0-x) sleeping , before > UPDATE'ing the timestamp.. It decreases the likelihood of a collision > tremendously. > Like this: > SELECT. > I don't really understand what you meant with this SELECT. > Determine if its time to do clean up.. > If yes -> sleep random(0-x) > UPDATE (blahblah) WHERE `timestamp`='<timestamp from SELECT>' > If affected_rows > 0 then do_cleanup. > > Hum I forgot about this method. But why sleep? Assuming you have the expected timestamp at which you think you should cleanup (the cached value I spoke of) : UPDATE <table> SET timestamp = expected where timestamp < expected. And as you pointed out, the number of affected rows tells us if we are responsible for the cleanup: - 0: no someone else managed to modify the timestamp just before us (just update the "expected" cache) - 1: yes we are the one ! update the "expected" cache and cleanup. No need to sleep, no two clients can really update the same row given that they all have the same "expected" value (and in the buggy case where they aren't properly configured, they won't try to update at the same time anyway). Robust, clean, ensures only one cleanup so minimum load, doesn't even need transactions so should work with all DBs. > I dont suppose, due to sqlgrey's multithreaded nature, that this will > cause it to hang for the sleep time? > > SQLgrey is not multithreaded. It's a single process that multiplexes the incoming Postfix requests into one sequential flow of queries. Given that querying a local database is fast, there's no need for multiple processes or threads (which probably better explains my comments on DNS queries). >> - SPF checking would be really cool :). Anyone who knows which spf-lib for perl is the "standard"? >> > .... > >> Hum, you do what you want with 1.7.x, but I'm considering SPF as a dying horse begging for someone to put an end to its misery... >> > I am SO hoping SPF will be more common (since it is, in theory, a great > idea). And adding to sqlgrey, so SPF=whitelist, might help the > adaptation. :) But if me (and the Dmitry122, who posted the idea), are > the only ones who likes it, i really wont bother :) > SPF breaks email forwarding (SRS is a solution but _all_ forwarding mailservers should support it in order for it to work properly), only tells you that the server is authorized for a domain and not if it wants to send SPAM and is so poorly understood that it breaks email in many places (I've seen anti-SPAM appliances/proprietary software which checked the From header instead of the Return-path for example...). Lionel. |
18 messages has been excluded from this view by a project administrator.
