[Mimedefang] Dedicated Anti-Spam Server Config

Martin, Jeremy jmartin at gsi-kc.com
Wed Sep 8 09:49:56 EDT 2004 

> > anti-spam server, then another file "smtproutes" lists which servers
> > each domain's mail should be sent to once it has been processed.
>
> > How do I reproduce this with Sendmail/MIMEDefang -
>
> With the "mailertable" feature.  In your sendmail.mc file, use:
>	FEATURE(`mailertable')
> Then create a file called /etc/mail/mailertable that looks like this:
> domain1.net		esmtp:[host.for.domain1.mail]
> domain2.net		esmtp:[host.for.domain2.mail]
> Then generate the mailertable database file (probably by typing
> "make -C /etc/mail" on a modern Linux system.)

Thanks for the info! I had just stumbled across that feature but the
mailertable examples and the make command were very helpful.

> The 26,000/minute figure is highly suspect.  I doubt you can do a
> SpamAssassin scan that quickly.  Plain-vanilla Sendmail without 
> any scanning will have trouble sustaining that throughput unless 
> you use exotic hardware like a battery-backed ramdisk for the mail 
> queue.

They were using a battery backed ramdisk actually, but I have just been
experimenting by setting up /dev/ram0 and /dev/ram1 as 512MB ramdisks,
since those PCI ramdisks are quite expensive. I've just been using rsync
every 5 minutes to backup the ramdisks and upon system bootup I'm
rsyncing the files back onto the ramdisks. 

They insist the 26k figure is real but it's only attainable by running
two sendmails (one per CPU), 2 Ethernet cards per CPU (4 total). I'm
really not sure if the extra NIC's help or not but using at least 2 of
them may be a requirement of having each Sendmail affiliated with a
different CPU. Haven't got that far yet, just testing on a single CPU
box for now with 1 NIC....

On the other hand I just got 237/minute with my initial MIMEDefang test
which still beats the hell out of 6/minute on our existing production
Qmail/Qmail-scanner spam filters, without having to spend thousands on a
battery-backed ramdisk, or mess with the built in ramdisks. 

> Our CanIt and CanIt-PRO products, based on SpamAssassin with a SQL
> back end, can sustain 10-15 messages/second on comparable hardware.
> Without the SQL back end, you could probably do at most 20/second.

Interesting, thanks for the stats. By the way are you using
SpamAssassin's built in ConfSourceSQL.pm or did you need to modify it?
So far we have just had to apply one patch to it to allow for per-domain
SQL rules (instead of just global or per-user) - curious as to how much
modifications you needed to make for use in your CanIt products?

Cheers
Jeremy

More information about the MIMEDefang mailing list