There is no difference for the remote SMTP client whether you use
spampd in "pre-accept" mode, or amavisd-new in "pre-accept" mode.
Both approaches have the same problem: when it takes too much time
to inspect a message, the remote SMTP client will time out.
Right. Amavisd tries to get all processing done in the
allocated time ($child_timeout) and does pass the information
on remaining available time to SpamAssassin too, so that
the less essential processing may be skipped if a deadline
is near. I'm not sure if spampd is capable of doing it too.
Amavis release notes say:
Provided that required minimal versions of Postfix and SpamAssassin
are available, on can try amavisd in a Postfix proxy setup. The
$child_timeout setting needs to be radically reduced in this setup,
matching the longest time most SMTP clients are willing to wait, and
must be less than Postfix is willing to wait (smtpd_proxy_timeout),
which by default is 100 s.
A sensible value is somewhat less then a minute (e.g. 45 seconds).
Even though RFC 5321 (section 4.5.3.2.6) recommends that clients
SHOULD be willing to wait for 10 minutes at data-end stage, it is
not uncommon that this recommendation is not adhered to.
So the FAQ for Amavis:
---
The Postfix Before-Queue Content Filter setup, also known as smtpd_proxy
setup, is not a supported or recommended setup with amavisd-new, which
is not a transparent SMTP proxy by design. See caveats in
README_FILES/SMTPD_PROXY_README. This setup might work amavisd-new for
low-traffic sites which do not use authentication, but is not recommended.
---
This is a cautionary speech - amavisd is not 100% transparent proxy
and in this sense it does not meet Wietse's requirement for a
support/warranty. Nevertheless, it is close enough to the
'fully transparent' that it plays well and reliably with current
versions of Postfix and no surprises are expected for the future.
So, as you said - *if* spampd was an acceptable "solution" for someone,
there's no additional risk to using Amavis as described above.
Do, I have that right?
Yes. There is likely and advantage in amavis regarding meeting
the configured deadlines.
Mark
