* clamav: set `MaxConnectionQueueLength` to its default value (200), custom (15) was way too small and caused recurrent connections fail in Postfix.
gitea/ansible-roles/pipeline/head This commit looks good Details

* postfix (packmail only): disable `concurrency_failed_cohort_limit` for destination smtp-amavis to prevent the suspension of this destination when Amavis fails to answer. Indeed, we configure the suspension delay quite long in `minimal_backoff_time` (2h) and `maximal_backoff_time` (6h) to reduce the risk of ban from external SMTPs.
This commit is contained in:
William Hirigoyen 2023-01-18 10:29:41 +01:00
parent 0cb751591a
commit 8d16f17354
3 changed files with 4 additions and 1 deletions

View File

@ -30,6 +30,8 @@ The **patch** part changes is incremented if multiple releases happen the same m
* docker-host: fix type in daemon.json and remove host configuration that is already in the systemd service by default * docker-host: fix type in daemon.json and remove host configuration that is already in the systemd service by default
* haproxy: fix missing admin ACL in stats module access permissions * haproxy: fix missing admin ACL in stats module access permissions
* openvpn: fix the client cipher configuration to match the server cipher configuration * openvpn: fix the client cipher configuration to match the server cipher configuration
* clamav: set `MaxConnectionQueueLength` to its default value (200), custom (15) was way too small and caused recurrent connections fail in Postfix.
* postfix (packmail only): disable `concurrency_failed_cohort_limit` for destination smtp-amavis to prevent the suspension of this destination when Amavis fails to answer. Indeed, we configure the suspension delay quite long in `minimal_backoff_time` (2h) and `maximal_backoff_time` (6h) to reduce the risk of ban from external SMTPs.
### Removed ### Removed

View File

@ -13,7 +13,7 @@
- { key: 'clamav-daemon/StreamMaxLength', type: 'string', value: '25' } - { key: 'clamav-daemon/StreamMaxLength', type: 'string', value: '25' }
- { key: 'clamav-daemon/ReadTimeout', type: 'string', value: '180' } - { key: 'clamav-daemon/ReadTimeout', type: 'string', value: '180' }
- { key: 'clamav-daemon/StatsEnabled', type: 'boolean', value: 'false' } - { key: 'clamav-daemon/StatsEnabled', type: 'boolean', value: 'false' }
- { key: 'clamav-daemon/MaxConnectionQueueLength', type: 'string', value: '15' } - { key: 'clamav-daemon/MaxConnectionQueueLength', type: 'string', value: '200' }
- { key: 'clamav-daemon/LogRotate', type: 'boolean', value: 'true' } - { key: 'clamav-daemon/LogRotate', type: 'boolean', value: 'true' }
- { key: 'clamav-daemon/AllowAllMatchScan', type: 'boolean', value: 'true' } - { key: 'clamav-daemon/AllowAllMatchScan', type: 'boolean', value: 'true' }
- { key: 'clamav-daemon/ScanOnAccess', type: 'boolean', value: 'false' } - { key: 'clamav-daemon/ScanOnAccess', type: 'boolean', value: 'false' }

View File

@ -412,6 +412,7 @@ smtpd_sasl_path = private/auth-client
# Amavis and OpenDKIM # Amavis and OpenDKIM
content_filter = smtp-amavis:[127.0.0.1]:10024 content_filter = smtp-amavis:[127.0.0.1]:10024
smtp-amavis_destination_concurrency_failed_cohort_limit = 0
smtpd_milters = inet:[127.0.0.1]:8891 smtpd_milters = inet:[127.0.0.1]:8891
non_smtpd_milters = inet:[127.0.0.1]:8891 non_smtpd_milters = inet:[127.0.0.1]:8891