Performance

Peter Russell pete at enitech.com.au
Wed Jan 31 23:37:25 CET 2007 


Glenn Steen wrote:
> On 31/01/07, John Schmerold <john at katy.com> wrote:
>> We're seeing significant backlogs, mail is taking 2-6 hours to get thru
>> the Postfix/Mailscanner gauntlet we've setup. What's everyone else
>> seeing in terms of mail processing time?
>>
>> I've looked at the home page & WIKI, so, I'm guessing I am missing
>> something or there are new techniques not yet published on the
>> mailscanner.info
>>
>> Some of my statistics are as follows:
>> Server config: 2.8GHz P4, 2GB DDR2, Maxtor SATA HDD
>> Mail volume: approx 7,500 messages per day
>> Misc: We have set the noatime flag on spool and log partitions & use a
>> local DNS caching nameserver.
> 
> This should be able to cope well...
> (snip)
> 
>> PostFix Configuration:
>> [root at mx1 ~]# postconf -n
>> canonical_maps = hash:/etc/postfix/canonical
>> config_directory = /etc/postfix
>> disable_vrfy_command = yes
>> hash_queue_names = ""
>> header_checks = regexp:/etc/postfix/header_checks
>> masquerade_exceptions = root
>> message_size_limit = 51200000
>> mydomain = schmerold.com
>> myhostname = mx1.schmerold.com
>> mynetworks = 127.0.0.0/8 65.16.251.208/29
>> relay_domains = katy.com katy.net katycomputer.com  schmerold.com
> Why is there no "companion" relay_recipient_maps? You should reject
> unknown recipients.
> 
>> smtpd_data_restrictions = reject_unauth_pipelining, permit
>> smtpd_helo_required = yes
> Here you should perhaps have a
> smtpd_helo_restrictions = permit_mynetworks, check_helo_access
> hash:/etc/postfix/deny_domain_spoof
> Where the deny_domain_spoof is simply an access file detailing the
> domains and IP addresses you relay for like "katy.com REJECT". Will be
> perfectly safe to use.

Glenn - should he have REJECT for domains he relays for? I am interested 
in tweaking my postfix config myself. Any chance one fo the postfix 
gurus like your self would post up your main.cf with some comments on 
your anti spam settings?


> 
>> smtpd_recipient_restrictions = reject_invalid_hostname
>> reject_non_fqdn_hostname reject_non_fqdn_sender
>> reject_non_fqdn_recipient  reject_unknown_sender_domain
>> permit_mynetworks reject_unauth_destination check_sender_access
>> hash:/etc/postfix/whitelist reject_rbl_client cbl.abuseat.org
>> reject_rbl_client zen.spamhaus.org permit
>> smtpd_sender_restrictions = hash:/etc/postfix/access
>> transport_maps = hash:/etc/postfix/transport
>> virtual_alias_domains = hash:/etc/postfix/virtual
>> virtual_alias_maps = hash:/etc/postfix/virtual
>> [root at mx1 ~]#
>>
>>
>> MS Log:
>> [root at mx1 ~]# cat /var/log/messages | grep "Jan 30 23:40"
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Requeue: 4F51A4B4468.A8F46 to
>> 389AB894965
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Requeue: A8330894942.93836 to
>> A6D8289500D
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Requeue: 368088943F4.C0B33 to
>> 20327894942
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Uninfected: Delivered 7 messages
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Batch completed at 128844 bytes
>> per second (8272398 / 64)
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Batch (10 messages) processed in
>> 64.20 seconds
>> Jan 30 23:40:03 mx1 MailScanner[24752]: New Batch: Found 7981 messages
>> waiting
>> Jan 30 23:40:03 mx1 MailScanner[24752]: New Batch: Scanning 10 messages,
>> 169939 bytes
>> Jan 30 23:40:03 mx1 MailScanner[24752]: Expired 11 records from the
>> SpamAssassin cache
>> Jan 30 23:40:04 mx1 named[2116]: lame server resolving
>> 'mail.voltech-auto.com' (in 'voltech-auto.com'?): 216.53.199.57#53
>> Jan 30 23:40:08 mx1 named[2116]: lame server resolving
>> '21.36.70.194.in-addr.arpa' (in '36.70.194.in-addr.arpa'?): 
>> 194.70.36.12#53
>> Jan 30 23:40:42 mx1 MailScanner[24762]: Spam Checks: Found 5 spam 
>> messages
>> Jan 30 23:40:42 mx1 MailScanner[24762]: Spam Checks completed at 1227
>> bytes per second
>> Jan 30 23:40:42 mx1 MailScanner[24762]: Virus and Content Scanning: 
>> Starting
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Virus Scanning completed at
>> 156861 bytes per second
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Found phishing fraud from
>> www.google.com claiming to be www.chase.com in 6BE8F895371.5D53A
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Content Checks: Detected and
>> have disarmed web bug tags in HTML message in 6BE8F895371.5D53A from
>> www-data at balancetechnology.com
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: 3B29B894E55.CEBEA to
>> 6535E894D8C
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: 6BE8F895371.5D53A to
>> DB04E894E55
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: 73748895A57.5ABB7 to
>> 0597D895371
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: 937E689448D.77EDA to
>> 0CB4B8953AD
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: 754F789466A.8DA78 to
>> AC1D989448D
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: D5177894E67.3DEEA to
>> A879089466A
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Requeue: A3E798940E3.B4BEB to
>> 80A7B894E67
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Uninfected: Delivered 7 messages
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Virus Processing completed at
>> 650569 bytes per second
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Batch completed at 1215 bytes
>> per second (86123 / 70)
>> Jan 30 23:40:43 mx1 MailScanner[24762]: Batch (10 messages) processed in
>> 70.85 seconds
>> Jan 30 23:40:43 mx1 MailScanner[24762]: New Batch: Found 7993 messages
>> waiting
>> Jan 30 23:40:43 mx1 MailScanner[24762]: New Batch: Scanning 10 messages,
>> 160591 bytes
>> [root at mx1 ~]#
> 
> In this snippet of log we see a lot of requeueing, but no actual
> deliveries. Are we to assume that they happen as expected? Most
> messages seem to be on HOLD, so ... that is probably nothing.

What is the regexp for your HOLD queue?

> 
> What does pflogsumm (or similar tool) have to say about the last day
> or so? Did all these messages just "plonk" in at approximately the
> same time?
> Approximately 10 messages/minute would make for somewhere around 14K
> messages/day, which isn't that good, but not horrendous either... and
> it should be able to keep up, unless you have extremely bursty
> traffic.
> Are all these adressed to the domains in question?
> If you run a message through SA, to get the network tests, do you see
> any ... noticeable ... lag anywhere? Any of the digest checks perhaps?
>

More information about the MailScanner mailing list