> -----Original Message----- > From: John Rudd [mailto:[EMAIL PROTECTED] > Sent: Monday, November 13, 2006 2:21 PM > To: John Rudd > Cc: Dylan Bouterse; users@spamassassin.apache.org > Subject: Re: RelayChecker 0.3 (more overhead?) > > John Rudd wrote: > > Dylan Bouterse wrote: > >> > >>> -----Original Message----- > >>> From: John Rudd [mailto:[EMAIL PROTECTED] > >>> Sent: Sunday, November 12, 2006 8:26 PM > >>> To: SpamAssassin Users > >>> Subject: RelayChecker 0.3 > >>> > >>> > >>> New version of RelayChecker. > >>> > >>> http://people.ucsc.edu/~jrudd/spamassassin/RelayChecker.tar > >>> > >>> Changes: > >>> > >>> - It's now in a single tar file. Put the tar file into your plugin > >>> directory, expand it, and all should be good. The tar file includes: > >>> COPYING - the GPL > >>> RelayChecker.txt - explanations of each rule and option > >>> RelayChecker.pm - the plugin, now with copyright info > >>> RelayChecker.cf - example cf file (you should check the file) > >>> > >>> > >>> - There is now an option, relaychecker_reduced_dns, which eliminates > >>> all extra DNS checks. Instead of the PTR check, it uses the "rdns=" > >>> part of the Untrusted Relays pseudo-header, and the > >> RELAY_CHECKER_BADDNS > >>> test always returns 0. > >>> > >> > >> Is there anything about v 0.3 that would require more overhead than the > >> initial version? I just implemented the new version and sa passed -- > lint > >> with no errors but within 5-10 min of reloading amavis-new my smtp > >> response time went to multiple seconds and the load on the box went to > >> over 6. Renamed the RelayChecker.cf so it isn't read by sa and reloaded > >> amavisd and back to normal. Any suggestions? > >> > >> Dylan > > > > There shouldn't be anything that makes it _more_ intensive than the > > previous versions. Have you tried the relaychecker_reduced_dns option? > > It might be that you're just doing a lot of DNS calls today. > > > > Oh.. wait, there IS something that could make it more intensive. > > Each test is going to do the PTR lookup on its own. So, instead of 1 or > 2 DNS checks, it's going to do 5 (PTR in NORDNS, PTR in BADDNS, A in > BADDNS, PTR in IPHOSNAME, PTR in KEYWORDS). That's per message. > > But, like I said, you can reduce that with the reduced_dns option. Then > it should do 0 DNS checks.
Even after setting the reduced_dns option to 1 the load on the server stays high. I re-enabled AWL and my load stays low as long as I don't enable the RelayChecker. I get the following in the log::: Nov 13 15:51:23 p1-lk-mxfilter.power1.com /usr/sbin/amavisd[30169]: (30169-01) SMTP: NOTICE: client broke the connection without a QUIT () Nov 13 15:51:23 p1-lk-mxfilter.power1.com /usr/sbin/amavisd[30169]: (30169-01) extra modules loaded: /etc/mail/spamassassin/RelayChecker.pm Nov 13 15:51:23 p1-lk-mxfilter.power1.com /usr/sbin/amavisd[30169]: (30169-01) load: 100 %, total idle 0.000 s, busy 0.144 s Nov 13 15:51:23 p1-lk-mxfilter.power1.com /usr/sbin/amavisd[30169]: (30169-01) process_request: fileno sock=13, STDIN=0, STDOUT=1
