MS Performance

Ken Anderson ka at PACIFIC.NET
Mon Jul 14 21:07:38 IST 2003

We're using iptables on the MS machines; I'm not sure how to use
iptables to do this (or it is possible?). What are you using for a

Adding the top invalid recipients to /etc/mail/access should help
similarly, as long as was compiled with:
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl

Thanks for the idea,
Ken A.

Tom Sevy wrote:

> Don't know what you use for Firewalling, but I have taken the top invalid
> recipients and created a rule in our Firewalls to reject email to them.
> ----- Original Message -----
> From: "Ken Anderson" <ka at PACIFIC.NET>
> Sent: Monday, July 14, 2003 12:30 PM
> Subject: Re: MS Performance
> We relay about 500k emails a day through 2 MS machines running redhat &
> sendmail. Both machines are dual Xeon/1gb RAM/SCSI, RAID1
> About 45% of the total incoming mail is spam, half of which is deleted.
> With the exception of the following, it's a default rpm install:
> Max Children = 15
> Log Spam = yes (since we need the logs for stats.)
> MS Spam Action is "attachment, deliver".
> If one rbl goes down or is slow, we found that we very quickly had a
> backlog of 20k messages, so we've turned off rbl checks in SA. Adjusting
> the timeouts for rbl checks may be a better solution.
> We've made a few other tweaks to the default MS settings, but I don't
> think they are related to performance.
> The load average when the machines are sharing the mail load is usually
> about 3-4, rising to about 10-15 when one machine handles the full load
> by itself. Everything seems to fit into memory, there is no swapping to
> disk, and the average delay for a message being relayed is < 1 minute.
> A possible bottleneck is syslog, since both sendmail & MS are very busy
> adding log entries to the maillog, though I haven't done any testing to
> see if this is really a problem.
> Another bottleneck is the way 'user unknowns' are handled. Currently,
> because mail is relayed through the MS boxes, the MS boxes don't know if
> the user exists at the domain or not. So MS spends time scanning mail
> that is destined for a user that doesn't exist. Next Sendmail tries to
> deliver it and it is rejected by the destination mailserver. Then
> sendmail tries to bounce it back to an address that usually doesn't
> exist, or a mailserver that is not accepting connections or can't be
> resolved. Using re-mqueue to re-queue outgoing mail is helpful with this
> problem.
> Ken A.
> Tony Johansson wrote:
>>>I am processing around 600.000 messages on two dual xeon machines, daily,
>>>with peaks to 800.000-1.000.000 daily. I think MS is doing just fine :)
>>>Most of the time its a matter of the test setup also that is limiting the
>>>figures. Also some tweaking on the machines wont harm...
>>What MTA are you using? I recall an earlier post by Julian where he tested
>>exim vs sendmail on one of his test machines, getting 3 times the
>>throughput with exim.
>>I'm interested in what kind of performance people are getting with
> sendmail
>>and MS. I'm about to design a system built on redhat and sendmail which
>>will handle lots of relaying (500k-1mil email daily approx)
>>I'd rather use sendmail but if the performance gain with exim really is 3
>>to 1 that might be the road we haveto take.
>>regards, Tony

More information about the MailScanner mailing list