[Mimedefang] SA/MIMEDefang performance tweaking
Chris Gauch
cgauch at digicon.net
Wed Jun 9 17:36:02 EDT 2004
So far MIMEDefang/SpamAssassin/Clamd have been working out fairly well on
our gateway relay mail server, helping to eliminate spam/viruses before they
hit our main mail server where all our domains and user accounts reside.
We're an ISP and deal with a volume of around 200,000 email messages per day
-- 70-80% of those messages are crap, either containing viruses OR the
messages are unsolicited spam. Unfortunately the gateway MIMEDefang
filtering server is a bit underpowered (PIII 750Mhz with 1GB RAM); I plan on
ordering a dual Xeon system soon to resolve the slowness issue.
I've set up my config to use Bayes (along with DCC and Razor2) -- when the
bayes_toks DB grows to certain size (namely above 100MB), I run into major
lagging/hangs with MIMEDefang and sendmail processes. Lots of .lock files
wind up in the bayes directory and MIMEDefang slaves cannot open/write to
the files because of this, delaying mail delivery substantially. I have
tried turning off the autolearn feature in sa-mimedefang.cf (this is a
system-wide install), that has no effect -- even after rebooting
MIMEDefang/Sendmail those Bayes databases are still being modified. Is
there any way to continue to use Bayes WITHOUT autolearn enabled? Is there
somewhere else that I have to disable autolearn other than in the
sa-mimedefang.cf file??
Also, would it be wise for me (with my underpowered server) to enable
queuing for MIMEDefang (in /etc/init.d/mimedefang) and adjust the time-out
settings (perhaps lowering the time-outs)? Does restricting the memory size
of the slave processes pose any problems? Right now each mimedefang.pl
slave eats up about 64MB of physical memory (RSS), so it doesn't take long
for my system to eat up the entire 1GB of RAM -- currently I have not
imposed any memory restrictions.
If any of you can point me to (or send me) a recommended config file that
would run well on my system, I'd highly appreciate it. I've enabled BIND on
this system so that the network checks run faster, I've also adjusted the
hell out of my sendmail settings (lowering all time-outs). I only allow 30
sendmail processes on this system and have set mimedefang up to run 7 slaves
minimum, 12 maximum.
Thanks in advance for any tips.
- Chris
More information about the MIMEDefang
mailing list