Matt Kettler wrote:
Linda Walsh wrote:
Matt Kettler wrote:
I see 3 DB's in my user directory (.spamassassin).
   auto-whitelist (~80MB),   bayes_seen (~40MB),   bayes_toks (~20MB)

expiry will only affect bayes_toks. Currently neither auto-whitelist nor
bayes_seen have any expiry mechanism at all.
---
So they just grow without limit?
Yep. Not ideal, and there's bugs open on both.

 How often does the whitelist get sync'd to disk?
In the case of the whitelist, it's per-message.
-----
        *ouch* -- you mean each message writes out an 80MB white-list file?
That's a lot of I/O per message, no wonder spamd seems to be slowing down...


    Having changed the user_prefs files back to the default
setting (i.e. deleted my previous addition) -- 2 days ago, and system was
rebooted 1day14hours ago, I'm certain spamd has been restarted.
Hmm, can you set bayes_expiry_max_db_size in a user_prefs file? That
seems like an option that might be privileged and only honored at the
site-wide level. An absurdly large value can bog the whole server down
when processing mail, so an end user could DoS your machine if allowed
to set this.
----
        I *thought* I could set it -- certainly, the only place I
*increased* the tokens beyond the *default* was in user-prefs. That
*seems* to have worked in bumping up the toks to 500K, but, now,
lowering it, is being ignored.  Perhaps the user-pref option to set
#tokens changed and an old version allowed it and raised it to 500K,
but newer version disallows so I can't 'relower' it (though I'd think
global 150K limit would have been re-applied).



That said, 3.1.7 is vulnerable to CVE-2007-0451 and CVE-2007-2873.

You should seriously consider upgrading for the first one.

-----
        While I was supporting multiple local users at one point, I'm the only
local user, so local-user escalation to create local service denial isn't
top-most concern.  Doesn't mean shouldn't upgrade for other reasons.


I'm still *Greatly* concerned about an 80MB file being written to disk
potentially on every email message incoming.  That seems a high
overhead, or are there mitigating factors that decrease that amount
under 99% of the cases?

Tnx,
Linda
