> > > Am 10.06.2016 um 04:49 schrieb Bill Cole: >> On 9 Jun 2016, at 0:53, Henrik K wrote: >> >>> Garbage text/plain is known problem.. >> >> text/html too. From GMail. >> >> Last week I had a *perfectly legitimate* message with a 151KB logical >> single line of HTML (QP encoded of course) freeze up a server scaled for >> 10k users. It did it slowly over a day, because it took a spamd child >> ~20 minutes to scan > > why in the world do you allow a single spamd child to scan 20 minutes > for a message and what happens if all your childs have such mails to > proceed - that's hardly scaled for 10k users on rainy days > > time_limit 20 > > read the manual, it works like shortcircuit meaning all other rules > already finished (RBL/URIBL in any case) will give their score and so > you don't open the machine widely while stop easy DOS attacks with > handcrafted mails
>From the manual: This is a best-effort advisory setting, processing will not be abruptly aborted at an arbitrary point in processing when the time limit is exceeded, but only on reaching one of locations in the program flow equipped with a time test. Currently equipped with the test are the main checking loop, asynchronous DNS lookups, plugins which are calling external programs. Rule evaluation is guarded by starting a timer (alarm) on each set of compiled rules. What does this mean, can still a single operation take more than this time_limit? But I guess the timer on the rules means the rules at least cannot take more than time_limit, right? > > if the server is not a feature-phone when you don't have a result within > 20 seconds you hardly get one 5 minutes later (besides that in a proper > setup rejecting based on teh result the client don't wait that long and > comes again and again) > >
