[Mimedefang] LDAP lookup in each function or write the LDAP results to the spool?

[Stephen Johnson]

On Wed, 2006-10-04 at 14:25 -0800, Matthew Schumacher wrote:

> Any thoughts on this?  Anyone else run into this and do some
> benchmarking?  Perhaps it's a wash, but it's something to think about.

I'm using LDAP as a part of a anti-virus/spam cluster I run for out
clients. I'm not doing anything LDAP inside of Mimedefang, but I an
using the sendmail LDAP schema for the access_db and mailer_db
databases. As you may not know sendmail does an ungodly number of lookup
in the access_db for each connection, sender and recipient. And the
number of lookups increases as the number of feature that use access_db
you use.

I've got 2 sendmail front-ends that are both mostly hitting the same
LDAP server node. They probably go through 400K-600K total connection
per day. Most of which are rejected for one reason or another. Lately
both mail front-end have been processing 220K+ e-mail a day though
Mimedefang.

So far I've not had any issues with LDAP servers being a bottle neck.
The important thing is to have a proper set of indexes built for your
data schema. Making sure that the ldap server process has sufficient
ullimit resources to handle your mail load. And to remember that LDAP is
designed to be a read-mostly service. If you are doing lots of writes to
the datastore, a RDB might be a better choice. 
-- 
Stephen L Johnson                       stephen.johnson at arkansas.gov
Unix Systems Administrator              sjohnson at monsters.org
Department of Information Systems       Phone: 501-682-4339
State of Arkansas