[Mimedefang] SMTP error return after DATA?
Michael Sims
michaels at crye-leike.com
Fri May 9 11:45:01 EDT 2003
Quoting John Rowan Littell <littejo at earlham.edu>:
> I know you said you didn't want to hear about hardware upgrades, but
> here's a thought (if you're not already doing it): run the MIMEDefang
> spool directory on a memory filesystem (TMPFS, or whatever your OS
> calls it). This could help with the speed of scanning quite a bit.
The only reason that I haven't bothered with that on the main mail exchanger is
that it doesn't seem that disk I/O is the main source of the problem. For
kicks I tried removing the SA check, and when I did this the load problems all
but disappeared. But MIMEDefang still has to process the message in the spool
even without SA, so this lead me to believe that the speed of the spooling
process wasn't the major factor.
With that said, I have already setup TMPFS on the server that will eventually
become my dedicated MD/SA machine. I suppose I could give TMPFS a shot on the
primary server just to see...
> Are you running only Sendmail on this box, or do you have mail access
> (POP/IMAP) as well? Do you have a webmail system on it?
Unfortunately I have POP/IMAP and webmail both on this same server. Our old
server was a canned Windoze product that combined SMTP, POP, and webmail. It
didn't do any content filtering at all, and was very feature limited, so a
single machine was sufficient. Now that we've went through the upgrade we're
experiencing a good bit of growing pains due to all of these services being on
the same box.
I am going to be moving the webmail interface (Horde/IMP) to a dedicated server
soon, so that should help.
> The other option I can think of is trying to run SpamAssassin checks
> through spamd. I know it's been discussed here before, but I can't
> recall what the upshot was.
I'm no expert on spamd, but I don't think it's really necessary with MIMEDefang
since MD already handles the daemonizing/forking/etc.
> You could try, if you're willing to sacrifice some spam detection,
> using a sliding scale for whether you're going to run the message
> through SpamAssassin within MIMEDefang: if load average is above a
> threshold, don't run SA checks. Or somehow negatively correlate the
> maximum message size you're willing to run through SA with the load
> average.
That's a thought, but it would give spammers as gauranteed method to bypass my
filters...all they have to do is flood my servers and they've bypassed
SpamAssassin.
Thanks for all of the suggestions, you've given me some good food for thought
here...
___________________________________________
Michael Sims
Project Analyst - Information Technology
Crye-Leike Realtors
Office: (901)758-5648 Pager: (901)769-3722
___________________________________________
More information about the MIMEDefang
mailing list