[Mimedefang] Parameters for tuning mimedefang

Lucas Albers admin at cs.montana.edu
Wed Sep 10 01:08:09 EDT 2003


> You should also avoid doing network-related tests (RBL, DCC, Razor, etc.)
> inside your mimedefang filter, because network latencies can cause slaves
> to pile up and your machine to grind to a horrible death.
>
If you set the rbl timeouts low at around 5 seconds for rbl,dcc,razor in
spamassassin you will not have slaves pile up with network latencies.
I had my mail server spew out because of this problem.
I fixed the rbl timeout problem by setting timeouts to 5 seconds from the
default of 30 seconds.
Not sure of the configuration to lower timeouts for dcc or razor.
2.60 of SA has an intelligent rbl lookup scheme that times out
non-responding rbl's quickly.
Here are some sendmail configuration settings I got from a high load site
on the list a few months ago, that handles 80K messages on a machine.
They will speed up sendmail on a high load site.  The timeouts have not
caused me _any_ problems.

## sendmail.mc file settings
dnl security hide mta type from scanners.
dnl define(`confSMTP_LOGIN_MSG',$j MTA $v/$Z; $b)dnl
define(`confSMTP_LOGIN_MSG',$j MTA $b)dnl
dnl this will wait 2 minutes for a command from the other mailer.
dnl this will timeout on mailers that are parasiting on my mailer.
dnl this has never caused problems on mail delivery, it just removes dnl
troublesome mailers (spammers that won't resolve ip or similar.)

dnl TIMEOUTS (MANY OF THESE)...
define(`confTO_INITIAL', `30s')
define(`confTO_CONNECT', `30s')
define(`confTO_ICONNECT', `30s')
define(`confTO_HELO', `1m')
define(`confTO_MAIL', `2m')
define(`confTO_RCPT', `2m')
define(`confTO_DATAINIT', `2m')
define(`confTO_DATABLOCK', `2m')
define(`confTO_DATAFINAL', `5m')
define(`confTO_RESET', `1m')
define(`confTO_QUIT', `1m')
define(`confTO_MISC', `2m')
define(`confTO_COMMAND', `1m')
define(`confTO_IDENT', `30s')
define(`confTO_FILEOPEN', `1m')
define(`confTO_CONTROL', `1m')
define(`confTO_HOSTSTATUS', `5m')


dnl define(`ConnectionCacheTimeout=30')dnl
dnl define(`confMAX_MESSAGE_SIZE',1500000)dnl
dnl 15 meg limit on message size
dnl set maximum deamon we can have
dnl max outoing message size.
define(`SMTP_MAILER_MAX',15000000)
dnl set max size to 15megs
define(`confMAX_MESSAGE_SIZE',15000000)dnl
dnl timeout on the initial outgoing connect
define(`TimoutIconnect=30s')dnl
dnl you will need high number then this on a high volume site.
define(`ConnectionRateThrottle',3')dnl limit number of connections per
second that are permitted.

As dave also mentions running mimedefang on a ram disk speeds things up a
lot.
You can also run clam in the clamav version, this should speed up virus
scanning. I currently run clam in non server version as I don't really
need the speed. It only takes 2 seconds to scan most messages.

I would configure it to check for virus's from File::Scan and then check
with clamscan. This should drop most of the common virus's with the first
virus scanning pass.
File::Scan does not detect as many virus's as clam.!!!!!!
Time for Virus Scanners to scan 700 megs of mail spool.
File::Scan, 20s.
Clamscan(not clamd):238s

Add this in mimedefang-begin to scan with both:
(Thanks Jason Englander? for the info originally.)
#####################################################
sub message_contains_virus () {
     my($code, $cat, $act);
     if ($Features{'Virus:FileScan'}) {
        ($code, $cat, $act) = message_contains_virus_filescan();
        #action_change_header("X-Virus-Scanned by FileScan");
        if ($act ne "ok"){
        md_syslog('warning', "Running Virus Scanner Filescan Detected
$code ");
        }
        return (wantarray ?  ($code, $cat, $act) : $code) if $act ne "ok";
    }
      if ($Features{'Virus:CLAMAV'}) {
        ($code, $cat, $act) = message_contains_virus_clamav();
        #action_change_header("X-Virus-Scanned by CLAMAV");
        if ($act ne "ok"){
        md_syslog('warning', "Running Virus Scanner CLAMAV Detected $code");
        }
        return (wantarray ? ($code, $cat, $act) : $code) if $act ne "ok";
     }
     return (wantarray ? (0, 'ok', 'ok') : 0);
}
#####################################################



--luke




More information about the MIMEDefang mailing list