Re: Exim, SpamAssassin and AV-advice needed
Le ven 10/01/2003 à 19:59, Derrick 'dman' Hudson a écrit :
> On Fri, Jan 10, 2003 at 03:51:52PM +0100, Kjetil Kjernsmo wrote:
> | Hi folks!
> | I have some real trouble with my mail server. It is running on a Pentium
> | PRO 180 MHz box with 96 MB RAM, and last night the whole thing almost
> | died. My analysis of the situation makes me think that I need to work a
> | lot more on my config.
Strange thing because exactely the same thing happened to me: I found my
mail server agonizing this morning, OOM-killing everything as its 512M
RAM + 512M swap were exhausted ... I just had to killall spamc spamd to
recover it. Apparently there may be a kind of spam/virus/forged mail
which is geared toward killing spamassassin.
> Tips for performance tuning SA :
> 1) use the spamc/spamd combination -- it stresses the system a
> lot less
> 2) Limit SA to scan only a few messages concurrently. Add '-m 5'
> to the command line options passed to spamd.
Good, I didn't try this one. It makes sense. The only problem I see is
that my mailserver receives lots of mails; this may force it to lag
behind too much.
> 3) Don't scan really large messages, or scan just a subset of them
> (btw, the default for spamc is to not send messages larger
> than 250k to spamd; you can adjust this with the "-s" option
> or by conditions on the director in exim.conf)
> | But obviously, I would rather have a virus scanner take care of
> | those large MS-virus-attachments, so SA won't have to deal with
> | those.
> Naturally, but I would just use a version 4 ACL or the system filter
> (I believe the system filter will be run before the director that runs
> SA, the filter can "fail" (bounce) or "seen finish" (drop) the
> | I hope this could reduce the load somewhat in situations like
> | this. (Or would it?)
> It might, but it might not. It depends on where the size falls in
> relation to other thresholds (like the 250k threshold in spamc).
> | I have allready grabbed his SpamAssassin backport,
> Version 2.43? You shouldn't be running anything older than that.
I'm using the 2.20 version that came with woody. I tried installing the
version from unstable, but it complained about some unsatifiabled
dependencies (can't remember which by now).
Spamassassin seems to be a package needing frequent upgrades to counter
spam evolution. Is there a mean to upgrade woody's sanely ?
Thanks for your tips,