On Fri, 2009-01-23 at 11:04 +0100, Richard Foley wrote: > Hi postfix profis, > > I'm running postfix 2.1.5-9 for several domains. Of course it handles the > workload with ease, but when I tail the mail.log the screen scrolls > constantly as it's just rejecting spam every second. The good thing is that > all these accesses are rejected, and logged. Also good is that postfix seems > to do most of the rejecting before handing off to amavis-new, for example, so > the CPU is used fairly efficiently I suspect. The bad thing is that this > still seems as though this amount of data processing must surely be excessive > for just a couple of domains, and and I'm wondering if I can reduce that > overhead any more. I've attached my main and master cf's and a few hundred > lines of mail.log output which shows less than one minutes worth of logging, > with the vain hope that someone might have some constructive criticisms to > offer with which to improve this setup. > > Thanks in advance for any (helpful ;) comments.
If it isnt broken , dont fix it :-) If you are seeing a lot of reject lines ( because of spamhaus ? ). That is natural. We get upto 400k connections per hour on some of our postfix servers and postfix handles them all well. 80% get rejected. What are you trying to optimize ? Are you looking to upgrade your postfix (2.1x is old ) 1) Do you reject unknown users using check_recipient_access pcre:/etc/postfix/recipient_checks a hash map or a cdb map file may be better 2) smtpd_sender_restrictions seems to duplicate checks in smtpd_recipient_restrictions , so you may drop them 3)The smtpd_recipient_restrictions seems to have an unnecessary reject_unknown_recipient_domain, If you are rejecting unknown users >
