>KAV versions I've seen are not fully transparent proxies, they respond >with banner 220 and EHLO 250 before making a downstream connection. The >connection to the downstream server may happen as late as "." (after >the content is scanned). It is certainly important to make sure that >the configured concurrency into the filter is not too high and that >the downstream re-injection port concurrency is at least that high.
The downstream re-injection port concurrency is a bit higher than the concurrency into the filter. Below is the chain a message follows : smtpd (port 25, 100) -> spawn/kas-pipe (port 9026, 50) -> spawn/smtpscanner (port 10025, 60) -> spawn (port 9025, 70). spawn/kas-pipe (port 9026, 50) : to antispam spawn/smtpscanner (port 10025, 60) : to antivirus spawn (port 9025, 70) : back to postfix [EMAIL PROTECTED] marco]# telnet 127.0.0.1 9026 Trying 127.0.0.1... Connected to mx.dts.mg (127.0.0.1). Escape character is '^]'. 220 kas30pipe.dts.mg ESMTP Service ready -> I get this message instantaneously [EMAIL PROTECTED] marco]# telnet 127.0.0.1 9025 Trying 127.0.0.1... Connected to mx.dts.mg (127.0.0.1). Escape character is '^]'. 220 mx.dts.mg ESMTP Postfix (DATA TELECOM SERVICE) -> I get this message instantaneously [EMAIL PROTECTED] marco]# telnet 127.0.0.1 10025 Trying 127.0.0.1... Connected to mx.dts.mg (127.0.0.1). Escape character is '^]'. 220 mx.dts.mg ESMTP Kaspersky Lab. -> It takes forever to get this one ... So I guess my problem is with the antivirus... >The OP should measure process concurrency, CPU utilization, disk >utilization, ... Possibly tcpdump the Postfix -> KAV and >KAV->postfix traffic and look for delays. However I have no issue with CPU,Ram utilisation and Disk IO Wait.
