Building an MS-SA box

Julian Field mailscanner at ecs.soton.ac.uk
Sun Feb 22 14:05:18 GMT 2004


At 13:48 22/02/2004, you wrote:
>-----Original Message-----
>From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
>Sent: Sunday, February 22, 2004 8:17 AM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: Building an MS-SA box
>
>>I agree with the comments about Solaris's nscd. It appears to slowly grow
>>without limit. I have had one taking about 800MB of RAM after the box had
>>been up for a few months. Linux's nscd might be better, but most people only
>>need to cache DNS responses, which is better done with bind as it is more
>>configurable.
>
>Well, linux doesn't really do any more magic than the others out there,
>honestly nscd works best for pam and auth related stuff than for dns lookups
>which is what I am using it for in this instance. It runs ok, and is not
>that phat actually. But I do agree, that I have seen it bottleneck the box
>due to cpu consumption.
>
>OK, I have to ask the author this question directly, as the answers from the
>list seem to range in response. OK, I have delivery rules such as the
>following (for both spam and notspam.delivery.rules):
>
>FromOrTo:       default                 delete
>FromOrTo:       mweiner at bmarts.com      store deliver
>
>The thought here was to temporarily store the email so I can use later for
>Bayesian training. However, it has come up in the list a few times that some
>people think when the options are set as above "store deliver" then that
>piece of email is not getting processed at all. Meaning when
>mweiner at bmarts.com gets an email, it gets stored and not processd via sa or
>even clamav. Is this the case? I could sift through code, but that's not
>really very valuable to me at this point. What I need is to figure out what
>is causing clamav not to run or at least tag or log anything to indicate
>that its running properly through ms and it was indicated that the delivery
>options may be the problem.
>
>Any additional insights?

There is no reason that "store deliver" should adversely affect the mail
processing. What happens if you just set the non-spam action to "deliver"
and use the "Archive Mail" setting to archive your mail?

>--
>At 12:41 22/02/2004, you wrote:
> >IMHO, you are better off running a cache/slave DNS like bind or
> >tinydns.  On Solaris we have found that nscd can be a bottleneck, not a
> >help.  When we moved our web service (apache) from HP to Solaris, we
> >were getting really poor response until we turned off nscd.  I have it
> >turned off on all of my Sun boxes, including my MailScanner box.
> >Others may have different insight on nscd.
> >
> >Jeff Earickson
> >Colby College
> >
> >On Sat, 21 Feb 2004, Ugo Bellavance wrote:
> >
> > > Date: Sat, 21 Feb 2004 23:35:59 -0500
> > > From: Ugo Bellavance <ugob at CAMO-ROUTE.COM>
> > > Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
> > > To: MAILSCANNER at JISCMAIL.AC.UK
> > > Subject: Re: Building an MS-SA box
> > >
> > > >
> > > >> 2) configure a caching nameserver on the MS box.
> > > >
> > > >DEFINITELY!! currently running nscd-2.3.2-27.9.7 (aint redhat's
> > > >latest versioning crazy?)
> > > >
> > >
> > > nscd?
> > >
> > > Is is better than to use the package named "caching nameserver"?
> > >
> > > I don't need to cache other services.
> > >
> > > Thanks,
> > >
>
>--
>Julian Field
>www.MailScanner.info
>Professional Support Services at www.MailScanner.biz MailScanner thanks
>transtec Computers for their support PGP footprint: EE81 D763 3DB0 0BFD E1DC
>7222 11F6 5947 1415 B654

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



More information about the MailScanner mailing list