home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

Previous Section Next Section


Refuse connections on high load All versions

When the load average on a machine (the average number of processes in the run queue over the last minute) becomes too high, sendmail can compensate in three different ways:

  • The QueueLA option (QueueLA) determines the load at which sendmail will begin to queue messages rather than delivering them, and the load at which scheduled queue runs will be skipped.

  • This RefuseLA option determines the load at which sendmail will begin to refuse connections[57] rather than accepting them.

    [57] The sendmail program refuses just SMTP connections. Mail sent with other means, such as UUCP or via standard input, will still be accepted despite a high load. This means that some locally submitted mail will succeed, while other locally submitted mail will fail. That success versus failure is determined by whether that mail is submitted via SMTP.

  • The DelayLA option (DelayLA) determines the load at which sendmail will begin to delay replies to SMTP commands.

Some experts consider refusing connections with the RefuseLA option a more serious problem than the queuing caused by the QueueLA option (QueueLA), so prior to the introduction of V8.7 sendmail, they generally recommended that the load specified for this RefuseLA option should be the higher of the two. Others take the opposite stand. Paul Vixie, for one, believes that the RefuseLA option should be lower than the QueueLA option so that you stop accepting mail before you stop processing it. Under V8.7 the two options have been decoupled, and you can now tune them according to your personal philosophy.

The forms of the RefuseLA option are as follows:

O RefuseLA=limit             configuration file (V8.7 and later) 
-ORefuseLA=limit             command line (V8.7 and later) 
define(`confREFUSE_LA',limit)    mc configuration (V8.7 and later) 
OXlimit                      configuration file (deprecated) 
-oXlimit                     command line (deprecated) 

The argument limit is of type numeric. If limit is missing, the value becomes zero (meaning no check is performed). If the entire RefuseLA option is missing, the value for the load cutoff defaults to 12 times the number of CPU processors. The default for the mc technique is to omit this option.

When running an MTA and an MSA in parallel, as with the V8.12 security model, consider setting the value for this RefuseLA option lower for the MTA and higher for the MSA. That way, locally submitted mail will tend to still be accepted, despite a high load average that causes the MTA to refuse outside SMTP mail.

This RefuseLA option is effective only if your sendmail binary was compiled with load-average support included (LA_TYPE). You can use the -d3.1 debugging switch to discover whether your binary includes the necessary support.

When the limit is first met or exceeded, the following message will be logged:

rejecting connections on daemon name: load average=load 

Here, name is the name give to the port that is handling the connection. That name is set with the DaemonPortOptions option (DaemonPortOptions) Name= equate. The load is the current load average.

The RefuseLA option is not safe. If specified from the command line, it can cause sendmail to relinquish its special privileges.

    Previous Section Next Section