SA Timed Out (Redux)

Chris Trudeau chris at TRUDEAU.ORG
Tue Oct 14 12:41:32 IST 2003


I have changed nothing EXCEPT updating the Net::DNS and Digest perl
modules...and have not had a timed out message in over 48 hours...Not sure
if its a "solution" but perhaps something to try!  All I did was update the
existing ones.


----- Original Message -----
From: "Kevin Spicer" <kevins at BMRB.CO.UK>
Sent: Saturday, October 11, 2003 4:43 AM
Subject: Re: SA Timed Out (Redux)

> On Sat, 2003-10-11 at 03:49, Chris Trudeau wrote:
> >Using DCC/Razor and RBL checks...any ideas on how to determine if these
> >are timing out?  Its weird that in batches of multiple emails...only
> >one
> >message will result in the timed out message...
> If you have any copies of affected messages try running spamassassin -D
> <message.txt against it and see where the delays are.  Most probably its
> DNS checks (maybe RBLs) causing problems.
> >Any ideas about that?  FWIW...I have a MailScanner 4.23/SA 2.55 machine
> >right next to it...on the SAME pipe...that is not experiencing these
> >problems...identical configurations...
> Is one machine a primary and one a secondary MX?  Some spammers
> persistently use lower preference MX's.
> >P.S.  I would rather messages that timeout...then get re-queued...and
> >re-scanned...seems to me that a default timed out resulting in delivery
> >would present an avenue for a DOS against SA...SPAMMERS could
> >say...hmmm...all we have to do it cause SA to timeout...and everyone
> >using it...would DELIVER our messages....hmmmm.....I could be and am
> >likely wrong...
> If its something that spammers did to a message to get SA to time out
> then it would time out every time SA tried to process.  Fine, it doesn't
> get delivered - BUT... imagine getting hundreds of these stuck in your
> incoming queue.  Then imagine the effect this would have on the delivery
> of genuine mail.  Spammers don't give a damn whether they interfere with
> your regular mail, and its not a great leap to think that some
> enterprising spammer would start deliberately DOSing sites (esp ISP's)
> which did the above to encourage them to turn SA off.
> BMRB International
> +44 (0)20 8566 5000
> _________________________________________________________________
> This message (and any attachment) is intended only for the
> recipient and may contain confidential and/or privileged
> material.  If you have received this in error, please contact the
> sender and delete this message immediately.  Disclosure, copying
> or other action taken in respect of this email or in
> reliance on it is prohibited.  BMRB International Limited
> accepts no liability in relation to any personal emails, or
> content of any email which does not directly relate to our
> business.

More information about the MailScanner mailing list