v188.8.131.52 Beta for Linux RPM Available
J.Ede at birchenallhowden.co.uk
Thu Feb 19 08:04:20 GMT 2015
From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller
Sent: 18 February 2015 22:56
To: 'MailScanner discussion'
Subject: RE: v184.108.40.206 Beta for Linux RPM Available
Regardless of motive, we all appreciate your work in keeping MailScanner alive!
Re: the Postfix integration, Jules mentioned the disagreement between him and Venema on more than on occasion. The issue was one of efficiency, IIRC. MailScanner batches the virus and spam scanning on up to 30 messages at once (or some such). Doing it with a milter is going to spawn a scan for each inbound message taking more system resources. Or so the theory goes. I don't have any imperical data to substantiate the practical difference on a high volume mail server, but I always agreed with Jules because 1, he's a heck of a nice guy, and 2, I used sendmail with MailScanner. Gotta root for the home team after all. ;-) I got the impression that it was a bit of pride and a "not invented here" attitude on the postfix side but I've never had any interaction with Venema so that may not be the case at all.
I'm going to try Postfix on my new gateways, mostly because it purports to do LDAP lookups against AD for recipient verification. Exchange 2013 won't properly let me do a call-ahead with smf-sav so I need some sort of LDAP integration to cull out the non-existant users at MTA time to avoid back-scatter.
If you do attempt to implement a solution after the fashion that Venema recommends, it would be instructive to test it against a stock MailScanner installation, capturing time and load statistics. It may be a wash, or it may be that there's a significant difference. I burn through maybe 10K messages a day, with around 650 users so my servers probably wouldn't know the difference. I'd imagine that it would make a big difference however for servers that are doing multi-million messages a day...
We've always used postfix with MailScanner and never had a problem with it. At their peak our 2 servers were having around 5-6million connection attempts per month out of which MS scanned around 200,000-300,000 a month. The batch process to me always made sense especially when the system was busy as it means you're not duplicating resources. The only benefit I can see in a milter, besides keeping the postfix guys happy, is that it gives you the option to reject the message if you decide it's spam rather than having to quarantine it.
Running spamd as opposed to the perl module would make a lot of sense and would cut down the resources needed on the server. The benefits of being able to move clam to a daemon were fantastic.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the MailScanner