User validation is going to be tough or all but impossible. This box forwards off the mail to an NT box running SL Mail. There is no easy way to get a userlist out of this product. In addition the users change daily and some even use multi-drops.
Ed --------------------------------------------------- Talk is cheap since supply always exceeds demand. --------------------------------------------------- -----Original Message----- From: DAve [mailto:[EMAIL PROTECTED] Sent: Friday, February 10, 2006 12:39 PM To: users@spamassassin.apache.org Subject: Re: General assistance Ed Russell wrote: > [EMAIL PROTECTED] smtpd]# spamassassin --version > SpamAssassin version 3.1.0 > running on Perl version 5.8.7 > > > Spamd running with: > OPTIONS="-L -x -d -u nobody -m 45" > > No user verification or RBL at the MTA level. Absolutely do user verification. I can throw out from 20% to 80% of my traffic depending on the current level of dictionary and Joe-Job attacks. Since you are processing ahead of your clients Exchange boxes I'm not sure how you can do that with qmail. I do it on my gateways running MailScanner via milter-ahead, and on my toasters via checkuser in vpopmail. There might be a way to get qmail to check with an Exchange box to validate a user without running vpopmail, but I won't know it. DAve > > > 12:20pm up 4:05, 1 user, load average: 9.49, 9.23, 9.23 > 313 processes: 300 sleeping, 12 running, 1 zombie, 0 stopped > CPU states: 18.9% user, 16.6% system, 0.0% nice, 64.4% idle > Mem: 2009856K av, 711560K used, 1298296K free, 353776K shrd, 129268K > buff > Swap: 2097136K av, 0K used, 2097136K free 225380K > cached > > As you can see I have loads of head room as far as memory goes. I was > looking into integrating RBL into Qmail, but with the very high volume I am > quite concerned that this will introduce a slowdown. If I increase the > inbound concurrent rate I eventually run into qmail-scanner problems with > reformime. Is there anything else I need consider? > > Ed > > --------------------------------------------------- > > Talk is cheap since supply always exceeds demand. > > --------------------------------------------------- > > > -----Original Message----- > From: Kristopher Austin [mailto:[EMAIL PROTECTED] > Sent: Friday, February 10, 2006 12:06 PM > To: [EMAIL PROTECTED]; users@spamassassin.apache.org > Subject: RE: General assistance > > >>-----Original Message----- >>From: Ed Russell [mailto:[EMAIL PROTECTED] >>Sent: Friday, February 10, 2006 10:51 AM >>To: users@spamassassin.apache.org >>Subject: General assistance >> >>Am I completely off base in the way I have this all setup? I have > > went > >>with >>a higher speed HD to increase the threshold on file I/O. Can I tune > > the > >>performance of razor etc while maintaining delivery time? Is there >>anything >>else I should be considering? If I have not explained things well or > > more > >>information is needed I will certainly provide anything. >> > > > A few questions I have: > What SA version are you running? spamassassin --version > What do you have --max-children set to? > How much memory do you have free when the box is fully loaded? > > I'm trying to see if you have any headroom left to have more spamd > children running. It sounds like your problem is with waiting on DNS > returns. This should mean that you have plenty of processing power > remaining just not enough children to handle the requests. > > Other things to consider: > Do you use RBLs at the MTA level? > Do you have user verification at the MTA level? > > Look for messages your MTA can drop before sending to SA. > > Kris > > >
