mailscanner/postfix issue (this is going to make me mad)

Marco Barbero marco.barbero at gmail.com
Tue Mar 25 16:32:37 GMT 2008 

Hi all

Scenario is the following:
Dual Xeon Quad Core 4GB Ram
Debian Etch, custom kernel 2.6.24.3

A)  At the first I use the following env:

MTA: postfix
MailScanner 4.67.6
SpamAssassin 3.2.4
Razor , DCC
vispan (only for spam stats)
avira antivir

I use drbd 8.2.5 for network mirroring (using heartbeat 1.2.5) of
postfix/mailscanner queues and for mailscanner quarantine and bayes.

I use list.dsbl.org and dnsbl.njabl.org, plus I have spamhaus feed
using rbldnsd and rsync. All the dnsbl are set on postfix
configuration

I use avira antivir like Virus Scanner.

Had to say this is not my first experience with MailScanner. I'm using
it since 2004
with success using both sendmail and postfix like MTA.

This time this scenario has a high traffic mail (about 3/4 millions
every month).
Ok after debugging both mailscanner and spamassassin I tried to put
the thing in production environment.

After a while I noticed queues began to grow. I look at logs and seems
problem appears during requeing (so after mailscanner checks). In
short words: it works but it's slow and delays are noticeable.
vmstat and top doesn't show any important bottleneck.   Postfix smtpd
processes grows fast and they reach max in a few time.
So I tried to block port 25 using a firewall and in 1 minute all
queues empties....


B)  So I tried to do this (thinking about postfix developers not
loving Mailscanner)
MTA on port 25:  Postfix
MTA on port 26: Sendmail/MailScanner

So Postfix receives mail from Internet and then send them to Sendmail
on port 26 that call MailScanner.
Run the test and issue persists. And are always postfix queues to fill
up.  Postfix people says that this happens because of postfix rate
limit, so I cannot blame Postfix for this. For postfix people problem
is still on MailScanner.

C) So I tried this:
MTA on port 25:  Sendmail
all other pieces of software like first env

Things do not come better. Delays persist and sendmail suffer.
I tried two things:
1) disable spam checks and issue persists
2) disable mailscanner at all with no issue


D) So I tried to use Sendmail but downgrade MailScanner to 4.61.7 (a
release I'm sure it's working well since I have it in other recent
production environment).

And... it works with no more issues.  Delays now are few seconds
(againts 5-10-20 minutes)

Ah..so problem is MailScanner 4.67!?!?  All rights, let's put again
Postfix using MailScanner 4.61.
I do that and issue come back again......

So let's sum up:

Postfix 2.3.8 + MailScanner 4.67 =   ISSUES
Postfix 2.3.8 + Sendmail 8.13 + MailScanner 4.67 = ISSUES
Sendmail 8.13 + MailScanner 4.67 = ISSUES
Sendmail 8.13 + MailScanner 4.61 = WORKS WITH NO ISSUES!!!!
Postfix 2.3.8 + MailScanner 4.61 = ISSUES

This makes me mad.  Why this happens?

Like said before I have similar working installations (less traffic
and using clamav in place of antivir). What's happening this time?

It seems postfix related (always) and mailscanner related (4.67)

Maybe postfix related?
Maybe mailscanner related?
Maybe drbd related?

Any helps or hints will be appreciated

Adding:  during postfix tests, I noticed in logs this:
MailScanner[10310]: Cannot lock /tmp/AntiVirBusy.lock, Permission denied

/tmp/AntiVirBusy.lock is 600   Putting it 777 suppress log but does
not resolve performance issue.
This does not appear at all using sendmail


Thanks

More information about the MailScanner mailing list