[Mimedefang] accept, then scan?
Andy Lyttle
mimedefang at phroggy.com
Fri Sep 21 12:43:45 EDT 2007
> I had this issue as well, but it wasn't SA that was the culprit, it
> was
> ClamAV.
In my case it's not ClamAV, it's SA. I'm using clamd, so if
something is taking too long there, "top" will show clamd taking 99%
CPU, but the problem I'm having is mimedefang.pl taking 99% CPU. I
added some code to print log messages, and confirmed that SA is
definitely the problem - sometimes it takes only a second or two to
run, but sometimes it takes 90 seconds or more.
> I solved it in three ways - first, made sure my access file in
> Sendmail
> explicitly contained the mail addresses we accept mail for by using a
> Perl script to fetch the mail addresses from Exchange (previously,
> everything was scanned and sent to Exchange to be refused there, which
> obviously was bad).
I already have Sendmail rejecting mail to non-existent recipients,
and some code in MIMEDefang to reject mail based on all kinds of
other criteria.
> Second, I added a Spamhaus ZEN DNSBL check on the Sendmail level
> directly, which started rejecting thousands upon thousands of spam on
> initial connect; false positives seem to pretty much not happen, no
> complaints at all.
I have gotten false positives with zen.spamhaus.org, but I use sbl-
xbl.spamhaus.org and a couple other DNSBLs with no problem.
~ Andy
More information about the MIMEDefang
mailing list