Performance numbers for a DELL R710
rwahyudi at gmail.com
Tue Jun 9 22:57:16 IST 2009
2009/6/9 Alex Neuman <alex at rtpty.com>:
> Also milter-null can help with backscatter and fake bounces.
> On Mon, Jun 8, 2009 at 5:42 PM, Kevin Miller <Kevin_Miller at ci.juneau.ak.us> wrote:
>> Doing any graylisting, greet-pause, or recipient address verification? Stopping invalid messages at the MTA handshake level takes a lot of the load off MailScanner...
>> Kevin Miller Registered Linux User No: 307357
>> CBJ MIS Dept. Network Systems Admin., Mail Admin.
>> 155 South Seward Street ph: (907) 586-0242
>> Juneau, Alaska 99801 fax: (907 586-4500
>> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Zaeem Arshad
>> Sent: Tuesday, June 02, 2009 7:42 PM
>> To: MailScanner discussion
>> Subject: Re: Performance numbers for a DELL R710
>> On Wed, Jun 3, 2009 at 12:47 AM, Martin Hepworth <maxsec at gmail.com> wrote:
>>> depends on the tests you run (RBLs etc) and the size of the emails.
>>> look in the wiki for performance and tuning on both MailScanner and
>> I have a test box with the same specs but 8 Gigs of RAM. My performance tuning so far has been
>> - tmpfs for message scanning
>> - DNS caching server on the same box
>> - Lower timeouts on Postfix (another instance handling retries)
>> - Compiled rules on SA
>> - DCC, Razor
>> - Clamd
>> - Asyncrhonous logging
>> Filesystem underneath is XFS and average mailsize is around 60KB. I have pretty much made all the changes suggested and currently the server is handling around 45000 emails/hour. Do you think increasing the number of MailScanner children might help? What other performance tweaks can I have? I am looking to scale the system to handle at least 65 emails/second with antivirus, antispam scanning and RBL checks.
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> Before posting, read http://wiki.mailscanner.info/posting
>> Support MailScanner development - buy the book off the website!
> Alex Neuman van der Hans
> Reliant Technologies
> +507 6781-9505
> +507 202-1525
> alex at rtpty.com
> Skype: alexneuman
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> Before posting, read http://wiki.mailscanner.info/posting
> Support MailScanner development - buy the book off the website!
In addition to whats already being mentioned , you might want to stop
some spam at SMTP level before you let trough more messages trough MailScanner.
- Make sure you only accept incoming email addressed to valid
recipient and limit the number of "catch-all" domain in your system
- Use rate limiting or tarpitting to prevent spam burst :
- I set up my MTA (postfix) to pause for 5 seconds on soft error
and kick them out if they make more than 5 mistake.
- Max 100 connection from 1 IP per minutes
- Get rsync feeds and run your own RBL server locally. Another benefit
of this is you can combine multiple blacklist in one zone and do just
- Run DNS cache locall.
- Populate IP based whitelist and bypass the scanning ( eg mail from
coming from known servers eg facebook, yahoogroups , myspace, ebay,
- Make use of short circuit in SA ( eg: short-circuit SURBL and
classify them as high scoring spam )
- Optimize SA rules. Do not over load SA with rules that consume a lot
- Use SQL for bayes, and only use bayes if you train them
- If you use 2 or more server, modify MailScanner caching to use MySQL
database and share the information.
- If you use MailScanner - partition and roll over the maillog table
using merge tables ( see mailscanner tips and trick )
- Use separate disk for logging. Make sure write cache is enabled
More information about the MailScanner