[Mimedefang] really high cpu

[John Nemeth]

On Jul 2,  5:02am, "James Ebright" wrote:
} 
} Not to get into the basic Linux vs the world debate here (Otherwise known as 
} my OS is better), but:

     I don't generally get into that debate either.  I run several
different versions of UNIX depending on my needs.  I do my preference,
but I try not to get too biased.

} On Wed, 9 Feb 2005 02:55:31 -0800, John Nemeth wrote:
} 
} >>Nah, recent versions of Solaris can easily beat Linux. 
} 
} >>    Load is certainly important, but looking for other things such 
} >>as whether the machine is swapping is more important.  If the machine 
} >>swaps, get more RAM. 
} 
} >>    The ability to tune a server and eliminate bottlenecks is one thing 
} >>that seperates professional system administrators from wannabes.  If you 
} >>don't know what you're doing, then you can make any system run slow.  If 
} >>you do know what you're doing, then you can make any system run fast as 
} >>long as you have decent hardware and a decent OS. 
} 
} It depends, Have you benchmarked a recent Linux system on comparable 
} hardware, like I said, you would be surprised. As far as using "server grade" 

     Recent Solaris releases have made significant performance
improvements as well.  However, I think there are more important things
than pure performance, such as reliability.  ext2fs just doesn't cut
it.  I realise that there are other filesystem choices now, but are
they ready for prime time?

} hardware, that goes without saying. I managed a server farm of over 40 
} servers, and 3 clusters, mixed OSs, primarily Solaris and Linux. My ISP had 
} OVER 500,000 customers (yes, 1/2 million) and my region had over 56,000 email 
} accounts in our cluster. We did WELL over 10,000 messages a day (granted, 
} this was before MIMEDefang and spam was only becoming a major problem 

     Prior to using MIMEDefang, I did 10,000 messages per day on a 143
MHz UltraSparc 1, running Solaris 2.6 (not exactly current) and only
224 MB RAM without any problems.  The machine also ran a bunch of other
services.

} industry wide when I left). So, unless you have done some unbiased testing, 
} you can not make the claim above, esp. when it is contrary to much anecdotal 
} evidence on the net (which I also take with a grain of salt ;-) ).

     Anecdotal evidence is only worth what you paid for it (which is
generally nothing).

} MIMEDefang does seem to be RAM hungry but this goes without saying, if a 

     Actually, it is SpamAssassin that is RAM hungry.  MIMEDefang by
itself isn't that bad.

} server swaps out much at all, you need to add more RAM or look at your 
} running porocesses to see what you need to cull. Once a system is tuned, the 

     At the time of installation, I cull everything that isn't needed,
especially anything related to graphical stuff.  This is done not only
for performance reasons, but also for security reasons (the fewer
things you have running, the smaller your attack surface).

} Also, if you are not running a DNS caching server on your sendmail box then 
} you need to, DNS is a large bottleneck for sendmail, even saving the extra 

     I have a DNS server on the same segment and don't have any
problems (not counting parity errors killing the DNS server, but that
machine is scheduled to be replaced).

} I mention the hosts file as it is a common mistake made by less experienced 
} admins, eg:  one ISP we purchased had EVERY server they owned and every nodes 
} IP listed in their hosts file that they updated from a cetralized database... 
} the hosts file was close to 1MB whch is not all that large, but sendmail 
} reads that file in something like 3 times for every single message that came 
} in or out of that server... needless to say... it was causing speed and 
} memory issues.

     This would be an example of not very good system administration.
Although, I have to give them credit for having it updated
(automatically?) from a centralised database.  Many people that do this
sort of thing use hand updates, making for a maintenance nightmae (not
only due to the effort to update it but also due to out of date
copies).  BTW, 1 MB may not be that large of a file by today's
standards, but relatively speaking it is huge for /etc/hosts.  A far
more common problem that I see is extremely large /etc/passwds (another
file that is linearly searched many times).

} I am not saying I know all, and all of our testing was done with Solaris 8, 
} which I referenced above, I have no experience with Solaris 9, the tuning 

     Reportedly Solaris 9 and 10 have significant performance improvements.
Also, Solaris 10 is supposed to be self tuning.

} sendmail book is a good reference as well, I did not think about it as I am 
} more familiar with the more archaic bat book as that is what I had available 

     I have the bat book.  I haven't actually read the tuning sendmail
book, but it is on my list (along with other books, and I already have
enough reading material to last a life time -- must take a speed
reading course).

} at the time. We had Solaris 8 pretty fine tuned, we also had Linux fine tuned 
} as well, and in our benchmarks and live tests Linux smoked Solaris as far as 
} sendmail was concerned, it was not even close. 

     I've never seen performance issues on Solaris, starting with
Solaris 1.x, except due to things like overly large /etc/passwds.

}-- End of excerpt from "James Ebright"