[Mimedefang] accept, then scan?
Kimmo Jaskari
kimmo.jaskari at eget.fi
Fri Sep 21 06:31:15 EDT 2007
On Thu, 2007-09-20 at 22:20 -0700, Andy Lyttle wrote:
> with SpamAssassin. Is that possible? The reason is, on old slow
> hardware, certain large messages are taking too long to scan (two
> minutes or more), and in some cases I'm accepting the message but the
> sending MTA timed out, so I wind up receiving duplicate messages. In
> other cases, Sendmail just times out because mimedefang took too long
> to respond, so Sendmail returning a tempfail.
I had this issue as well, but it wasn't SA that was the culprit, it was
ClamAV.
I rebuilt my filtering servers from the ground up on a newer OS version
and switched from a command-line Uvscan to Clam, and was getting mail
dupes in droves because it took Clam too long to chew through the mail.
I solved it in three ways - first, made sure my access file in Sendmail
explicitly contained the mail addresses we accept mail for by using a
Perl script to fetch the mail addresses from Exchange (previously,
everything was scanned and sent to Exchange to be refused there, which
obviously was bad).
Second, I added a Spamhaus ZEN DNSBL check on the Sendmail level
directly, which started rejecting thousands upon thousands of spam on
initial connect; false positives seem to pretty much not happen, no
complaints at all.
Third - I went back to Uvscan until my two new mailservers (which have
very beefy CPU's) can be taken into use...
/Kimmo
More information about the MIMEDefang
mailing list