[Mimedefang] Performance parameters

David F. Skoll dfs at roaringpenguin.com
Fri Feb 27 13:25:55 EST 2004 

On Fri, 27 Feb 2004, Steve Moore wrote:

> I am trying to plan for MD/SA deployment here.  I would like to get the
> benefit of experienced MD/SA users' concerning performance.  Our site
> processes up to 500,000 messages daily.  Our average message size is
> 30KB.  Our max mail message size is 100MB.

100MB???  Wouldn't 5 or 10 be more reasonable?

> We have two AIX 5.1 machines
> running commercial sendmail behind a Cisco local director for load
> balancing.  One AIX machine is a dual processor with 4GB of memory and it
> has cpu and i/o wait below 30%.  The other machine is a uniprocessor with
> 1GB of memory and it also has cpu and i/o wait below 30%.  Both machines
> have separate spindles for /var/spool.  We do not do AV on these
> machines.  That is accomplished at another layer.  Our plan is to tag and
> pass all mail along to the client. The only content analysis we are
> interested in at the moment is spam probability.

> My questions are as follows.
> 1) Is it possible to process the current workload with the two machines
> listed above once MD/SA is added to the mix?

It's pushing it.  The single-CPU box worries me.

> 2) Should I expect a 20% scan time improvement by adding RAMdisk?

You cannot run a high-volume MIMEDefang server *without* a RAMdisk.
Consider it mandatory.

> How would you rank the performance cost of each of the checks below?  How
> would you rank the benefit of each of the checks in calculating spam
> probability?

> 1) SA rbl checks.

Cheap in terms of CPU; killers in terms of memory because network
latency keeps processes hanging around.  Avoid if possible.

> 2) SA Bayesian analysis.

Very good if everyone has his/her own Bayes DB.  Of dubious value
if it's a shared DB.

> 3) SA Razor checks.

Network tests can kill you because of latency.  Let's say you're
doing 500K messages/day, or around 7/second.  If the razor server takes
3 seconds to respond, that's 21 slaves that back up waiting for a
response.

> 4) SA dns availability.

Not sure what that one means.

Regards,

David.

More information about the MIMEDefang mailing list