Building an MS-SA box

MW Mike Weiner (5028) MWeiner at AG.COM
Sun Feb 22 13:48:18 GMT 2004


-----Original Message-----
From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
Sent: Sunday, February 22, 2004 8:17 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Building an MS-SA box

I agree with the comments about Solaris's nscd. It appears to slowly grow
without limit. I have had one taking about 800MB of RAM after the box had
been up for a few months. Linux's nscd might be better, but most people only
need to cache DNS responses, which is better done with bind as it is more
configurable.

Well, linux doesn't really do any more magic than the others out there,
honestly nscd works best for pam and auth related stuff than for dns lookups
which is what I am using it for in this instance. It runs ok, and is not
that phat actually. But I do agree, that I have seen it bottleneck the box
due to cpu consumption.

OK, I have to ask the author this question directly, as the answers from the
list seem to range in response. OK, I have delivery rules such as the
following (for both spam and notspam.delivery.rules):

FromOrTo:       default                 delete
FromOrTo:       mweiner at bmarts.com      store deliver

The thought here was to temporarily store the email so I can use later for
Bayesian training. However, it has come up in the list a few times that some
people think when the options are set as above "store deliver" then that
piece of email is not getting processed at all. Meaning when
mweiner at bmarts.com gets an email, it gets stored and not processd via sa or
even clamav. Is this the case? I could sift through code, but that's not
really very valuable to me at this point. What I need is to figure out what
is causing clamav not to run or at least tag or log anything to indicate
that its running properly through ms and it was indicated that the delivery
options may be the problem.

Any additional insights?
--
At 12:41 22/02/2004, you wrote:
>IMHO, you are better off running a cache/slave DNS like bind or
>tinydns.  On Solaris we have found that nscd can be a bottleneck, not a
>help.  When we moved our web service (apache) from HP to Solaris, we
>were getting really poor response until we turned off nscd.  I have it
>turned off on all of my Sun boxes, including my MailScanner box.
>Others may have different insight on nscd.
>
>Jeff Earickson
>Colby College
>
>On Sat, 21 Feb 2004, Ugo Bellavance wrote:
>
> > Date: Sat, 21 Feb 2004 23:35:59 -0500
> > From: Ugo Bellavance <ugob at CAMO-ROUTE.COM>
> > Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
> > To: MAILSCANNER at JISCMAIL.AC.UK
> > Subject: Re: Building an MS-SA box
> >
> > >
> > >> 2) configure a caching nameserver on the MS box.
> > >
> > >DEFINITELY!! currently running nscd-2.3.2-27.9.7 (aint redhat's
> > >latest versioning crazy?)
> > >
> >
> > nscd?
> >
> > Is is better than to use the package named "caching nameserver"?
> >
> > I don't need to cache other services.
> >
> > Thanks,
> >

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz MailScanner thanks
transtec Computers for their support PGP footprint: EE81 D763 3DB0 0BFD E1DC
7222 11F6 5947 1415 B654



More information about the MailScanner mailing list