[Mimedefang] RE: Large attachment timeouts

David F. Skoll dfs at roaringpenguin.com
Tue Jul 23 11:33:00 EDT 2002

On Tue, 23 Jul 2002 Dale_Whiteaker-Lewis at dell.com wrote:

> David, can you expand on what you mean when you say it's risky?  I am
> considering making the same configuration change, due to a high number of
> 451 tempfail messages.

Well, if you're scanning for viruses and for whatever reason the scanner
takes too long, then the un-scanned message will be accepted.

If you're getting lots of tempfails, the things to try in order are:

1) Put the spool directory on a RAMDisk.

2) Get more memory.

3) Get a faster server.

4) Have your external MX records point to a dedicated box which simply
   relays messages to the MIMEDefang box or boxes.  You'll still see
   tempfails, but the original sender won't, and having both boxes under
   your control lets you play with settings to smooth out the load.  The
   downside is that the sending relay info obtained by MIMEDefang will be

5) Increase the timeouts (both in MIMEDefang and the Sendmail config file)
   But beware:  The sending relay may have its own timeouts.  RFC 2281
   recommends a timeout of 10 minutes after the DATA termination.  But
   RFC 1047 cautions against excessive processing after DATA termination,
   so watch out...

6) Modify your filter to omit certain steps for large messages.  Maybe it
   doesn't make sense to scan large messages with SpamAssassin.  Maybe
   you should not invoke a virus scanner on JPEG images.  You'd have to
   come up with your own set of rules which balance efficiency with safety.



More information about the MIMEDefang mailing list