[Mimedefang] Extremely high mimedefang CPU usage issues...

Rick Mallett rmallett at ccs.carleton.ca
Mon Aug 27 15:53:55 EDT 2007

On Mon, 27 Aug 2007, Kris Deugau wrote:


> *nod*  I've held off on SpamAssassin upgrades more than once due to this 
> problem - the new SA release may catch more spam, but it pushes the system 
> load up anywhere from 10-20% to an order of magnitude, and bumps memory and 
> CPU usage by about the same range.
> I ran 2.64 patched for DNS-based URI scoring for close to two years after 3.x 
> appeared due to reports of memory usage, CPU usage, and system load issues 
> with 3.x - and the fact that my spam detection rate was still pretty good 
> with 2.64.
> I was able to upgrade the hardware to allow me to upgrade to 3.1 early this 
> year.  I'm still running 3.1 on those machines, and I have no real incentive 
> to upgrade because 3.1 is working fine.
> (ClamAV is also tagging more and more non-virus mail, which keeps the SA load 
> down.)
> -kgd
> _______________________________________________

I've had pretty good luck with SA updates in the past, and I'd
like to try upgrading to 3.2.3 again, but I can't afford to do that
unless I can figure out what caused the huge jump in load average 
when I tried to upgrade on Friday.

In reading through the SA mailing list archive for August it does
appear that a few people experienced performance problems with 3.2.x,
but most were running spamd, and some had enabled plugins that were
commented out of v320.pre by default.

One suggestion that caught my attention though was "turn off the
RBL's". I know from past experience that my load average goes through
the roof whenever I let SA do RBL checks and as a result I currently

   skip_rbl_checks 1

in /etc/mail/spamassassin/sa-mimedefang.cf. However, I also have

   $SALocalTestsOnly = 0;

in mimedefang-filter because I want to use URIDNSBL. Is there any
chance that SA was performing RBL checks after upgrading to 3.2.3 but
not when running 3.1.9?.

I'd also like to know if there is any way to obtain the same debugging
information that one gets from running "spamassassin -D < message" for
an instance SA running from MD in a production environment, since that
would allow me to see if any RBL's are being queried in addition to

- rick

More information about the MIMEDefang mailing list