Spamassassin is slow - any tips or good commercial alternative?
James Gray
james at gray.net.au
Mon Jun 23 03:47:17 IST 2008
From: "Charlie" <mi6 at orcon.net.nz>
>>I manage a mail cluster for an ISP that has about 100,000 subscribers
>>online at any given time. I'd hazard a guess that close to all of
>>those subscribers have a mail client running the whole time. We have
>>implemented an exim set up that allows 3 concurrent connections from
>>the subscriber IP pools, 5 from other IPs and a maximum number
>>of simultaneous SMTP sessions of 1000 per server. This is on each
>>server in the cluster (4 servers in total) and we only ever see the
>>maximum concurrent per IP rules being hit, never the maximum total.
>
>Thank you James - this will be very helpful I suspect.
>We also are using Exim as the MTA, so any specific config advice for Exim
>would also be greatly appreciated :)
>BTW we are using one server (Pentium 4, 2.4GHz, 1GB RAM), currently have
>1500 active paid users,
>and am expecting up to 10,000-15,000 active paid users in the future (say,
>1 or 2 years from now).
Hi Charlie,
Here are the relevant bits from one of our clustered mail servers. This was pulled from a CentOS 4.6 system running a custom-compiled Exim 4.43 (added MySQL support), but is otherwise standard.
/etc/exim/exim.conf
...
hostlist relay_from_hosts = localhost : /etc/exim/relay_ip_address
acl_smtp_rcpt = acl_check_rcpt
exim_user = exim
exim_group = exim
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 12h
timeout_frozen_after = 1d
smtp_accept_max = 1000
# Only queue messages when we have 500+ SMTP sessions
smtp_accept_queue = 500
# The format of "/etc/exim/smtp_limits" should have the IP of the
# sender in the first column, terminated with a colon, then white space
# followed by the maximum connections for hosts in that range, eg:
# 1.2.3.4: 3
# 1.2.4.0/24: 3
# *: 5
# See http://wiki.exim.org/FAQ/Configuration_cookbook/Q9812
smtp_accept_max_per_host = \
  ${lookup{$sender_host_address}lsearch{/etc/exim/smtp_limits}\
    {$value}\
    {\
      ${lookup{${mask:$sender_host_address/24}}lsearch*{/etc/exim/smtp_limits}}\
    }}
begin acl

acl_check_rcpt:

  accept  hosts       = :

  deny    message     = Restricted characters in address
          domains     = +local_domains
          local_parts = ^[.] : ^.*[@%!/|]

  deny    message     = Restricted characters in address
          domains     = !+local_domains
          local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

  accept  local_parts = postmaster
          domains     = +local_domains
          dnslists    = list.dnswl.org
          logwrite    = $sender_host_address is whitelisted at dnswl.org

  deny    message     = $sender_host_address is listed at $dnslist_domain
          local_parts = !postmaster
          hosts       = !+relay_from_hosts
          dnslists    = cbl.abuseat.org : \
                        zen.spamhaus.org : \
                        list.dsbl.org : \
                        bl.spamcop.net

  require verify      = sender

  accept  domains     = +local_domains
          endpass
          verify      = recipient

  accept  domains     = +relay_to_domains
          endpass
          verify      = recipient

  accept  hosts       = +relay_from_hosts

  accept  authenticated = *

  deny    message     = relay not permitted
begin routers
... your routers go here ...
begin retry
# Domain Error Retries
# ------ ----- -------
# Adjust over-quota retries - retry every 3 mins, after 30 mins, fail the message.
* quota F,30m,3m;
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
And that's about it :) The rate limiting for our LDAP/POP servers is handled by the load balancers. Keep in mind the limits on a clustered host are multiplied by the number of hosts in the cluster (assuming linear round-robin of connection pooling), so these limits are actually quite high ;)
HTH,
James
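
The per-host limit lookup in the config above (exact IP, then the /24, then the "*" default) can be checked offline before an smtp_limits file is deployed. The following is an added example, not part of the original message or of Exim; the function names and the sample file contents are constructed, and it models IPv4 entries only.

```python
import ipaddress

# Constructed sample in the format described in the config comments
# (the 1.2.4.10 line is added to show an exact entry overriding its /24).
SAMPLE_LIMITS = """\
# subscriber pools
1.2.3.4:      3
1.2.4.10:     1
1.2.4.0/24:   3
*:            5
"""

def parse_limits(text):
    """Parse 'key: value' lines; as in a linear search, the first key wins."""
    table = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition(":")
        if not sep or not value.strip().isdigit():
            raise ValueError(f"malformed limits line: {raw!r}")
        table.setdefault(key.strip(), int(value))
    return table

def limit_for(table, sender_ip):
    """Mirror the lookup order of smtp_accept_max_per_host in the config."""
    ip = ipaddress.IPv4Address(sender_ip)
    if str(ip) in table:                  # outer lsearch on $sender_host_address
        return table[str(ip)]
    # ${mask:$sender_host_address/24} yields a key such as "1.2.4.0/24"
    net = ipaddress.IPv4Network(f"{ip}/24", strict=False)
    if str(net) in table:                 # inner lookup on the masked address
        return table[str(net)]
    # lsearch* retries with the key "*"; None here means no entry matched at all
    return table.get("*")

def cluster_ceiling(per_host_limit, servers):
    """Worst case for one client IP when connections are spread over the cluster."""
    return per_host_limit * servers

if __name__ == "__main__":
    limits = parse_limits(SAMPLE_LIMITS)
    for addr in ("1.2.3.4", "1.2.4.10", "1.2.4.77", "203.0.113.9"):
        n = limit_for(limits, addr)
        print(f"{addr}: {n} per server, up to {cluster_ceiling(n, 4)} across 4 servers")
```

A None result means the file has no "*" line and nothing matched, so that address gets no value from the lookup; the sample keeps a "*" entry for that reason.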