maillscanner/postfix saturates bandwidth :-(

Ian Knight ian at 34sp.com
Mon Sep 24 18:35:33 IST 2012


On 24/09/12 18:15, Harondel J. Sibble wrote:
> Had an odd situation that started Friday night at one of my clients running a
> mailscanner/mailwatch mail relay for their internal Exchange 2007 server.
>
> Basically the dsl connection they share with another office was saturated
> when the office admin did a mailout on friday to about 2000 of their
> subscribers, each email was about 3.5mb total with conversion overhead.  When
> I say saturated, I mean in both the upstream and downstream directions.
> According the admin who runs the multitenant network in this office, he was
> seeing a sustained 1.6mb/s INBOUND connection to my client's firewall while
> this was happening.
>
> I intially though that someone had hacked in and was injecting spam, but
> after upstream throttling of the connection and disabling all smtp traffic, I
> was able to review the messages in the postfix deferred queue and determine
> they were part of the mailout.
>
> At this point mailq was showing 14 messages with approx 100 recipients total,
> I could then re-enable smtp traffic (in/out) at the firewall level and emails
> would be fine sending and receiving, but if I did a postqueue -f, the
> connection would saturate again until I blocked the smtp traffic, then waited
> a couple minutes before re-enabling it and the messages went back to being
> deferred.
>
> I'm trying to figure out the best way to deal witih this moving forward, is
> there additional throttling I need to do at the postifx level or the
> mailscanner level or something else.  I was also surprised as my understand
> of postfix is that it does connection throttling by default.
Just a thought if you have spam tests enabled this will be doing a lot 
of dns lookups on every email - this could be the cause of some of the 
bandwidth - installing a caching nameserver on the server will stop a 
lot of this happening - especially if its the same email going to 100 
recipients (urghh!!!) emails imo should be individually addressed, using 
bcc/cc is not the way to send a mailshot - its got a very high chance of 
landing in spam/junk folders for not being personally addressed.




More information about the MailScanner mailing list