[Mimedefang] Should I try to do MIMEDefang with Mailscanner forbackup MX

Steve Campbell campbell at cnpapers.com
Sat Jun 24 19:21:17 EDT 2006


Thanks for the help..

Quoting Les Mikesell <les at futuresource.com>:

> On Sat, 2006-06-24 at 07:55, Steve Campbell wrote:
> > I configured sendmail using mostly domains as the criteria for everything.
> As
> > you both know, there are quite a few different ways of setting up sendmail
> to
> > recognize who is local, what should be relayed, how to define the path for
> the
> > relay to the next server, etc. So in my case, if email comes in to the
> primary
> > MX for a domain, it knows by the domain name, that it should use the local
> > delivery to the mailbox. If mail arrives on the backup MX, it knows it
> should
> > relay it, and where to relay it, because of the domain the mail is
> addressed to.
> If the user turnover isn't huge or you can script it, there is
> yet another approach that might work.  On the secondary, use
> virtusertable with entries like:
> realuser1 at domain1  realuser1 at deliverydomain
> realuser2 at domain1  realuser2 at deliverydomain
> @domain1  error:nouser No such user here
> That gives basically the same effect as using the
> access file with a default deny, but is more flexible
> if you want to forward some mail to different locations.

Good idea, also. As I mentioned, sendmail provides a lot of different ways to do
the same thing. Right now, I use virtusertable mostly for handling
duplicate-named virtual users on the same server.

realuser at domain1  realuser1 at deliverydomain
realuser at domain2  realuser2 at deliverydomain

Seems everybody wants the same email user name.

> > These servers are pretty hefty, and are rarely down. My load problems are
> mostly
> > due to the buildup sendmail process of non-deliverable mail, not delivery
> of
> > real mail. 
> I wonder if you really have some other problem, like internal
> machines sending viruses or spam.  If you just shut down your
> secondary so the primary doesn't have to generate undeliverable
> bounces for unknown users most of this should go away.  There
> really isn't that much value in having a second MX anyway if
> you aren't down a lot. The sending mailers will queue and
> retry anyway.

I'm not certain that the pending mail is completely the problem. I don't think
there is any viruses getting through. I don't think it has been rooted (knock on

I do know a couple of things about the situation, but I'm not sure what it is
telling me. If I get rid of the pending bounce files, Load average drops to a
much normal figure for a while. "top", though, shows Bitdefender and ClamAV
taking up most of my resources, but it LA isn't always high when these are
running. So I'm not sure what all of this is telling me.

The second server, primary for the other domains, secondary for the domain on
the problem server, gets about the same amount of mail, has the same OS and
applications, is set up the same way, and is an identical machine hardware-wise,
yet it's load seldom shows and backlog (< 2.0, usually around 1.0). The problem
machine floats around 5.0, and starts climbing above 7.0 whenever sendmail has
to do anything.

Sorry this has turned into such an OT type sendmail thread, but I think its very
interesting, and really appreciate all the input.


> -- 
>   Les Mikesell
>    les at futuresource.com
> _______________________________________________
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID.  You may ignore it.
> Visit http://www.mimedefang.org and http://www.roaringpenguin.com
> MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

This mail sent through IMP: http://horde.org/imp/

More information about the MIMEDefang mailing list