Re: [AMaViS-user] Amavisd-new/Postfix plugged queue (Long)

Ed Lucero Tue, 22 Aug 2006 15:18:27 -0700


> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:amavis-user-
> [EMAIL PROTECTED] On Behalf Of Tom Gwilt
> Sent: Tuesday, August 22, 2006 10:56 AM
> To: amavis-user@lists.sourceforge.net
> Subject: [AMaViS-user] Amavisd-new/Postfix plugged queue (Long)
> 
> Hi all,
> 
> I would like to apolgize in advance for the length of this message.
> 
> The hardware:
> Dell SC1600, Xeon 2.4G, 1G RAM, 2 18G SCSI drives
> 
> Software (OS, etc)
> hostname: gw1.suite224.net
> FreeBSD 6.1
> amavisd-new amavisd-new-2.4.2 (20060627)
> postfix-2.3.20060207
> perl 5.8.8
> spamassassin 3.1.3 (running Razor2, URI checks, and a few SARE rulesets)
> clamav 0.88.4
> 
> Our current email setup
> cambot.suite224.net (currently primary MX) running CGatePro 4.1.8
> gw0.suite224.net (outbound mail scanner) postfix/amavisd/sa/clamd
> 
> I decided to place an inbound scanner in front of cambot using
> the same basic setup as I used for outbound mail, which has worked
> perfectly for over 2 years.
> 
> Changed our primary MX record to gw1 and tailed (-f) /var/log/maillog.
> 
> All seemed to go well for about 25 minutes, then the mailq started to grow
> and inbound mail was delayed.
> 
> By the time 8 hours had passed, the mailq had grown to over 14,500
> messages and it appears that these are messages that have made it to
> postfix, but not yet to the smtp-amavis filter.
> 
> >From the postfix master.cf:
> 
> smtp      inet  n       -       y       -       -       smtpd
>           -o content_filter=smtp-amavis:[127.0.0.1]:10024
> smtp-amavis     unix    -       -       y       -       4       smtp
>         -o smtp_data_done_timeout=1200
>         -o smtp_send_xforward_command=yes
>         -o disable_dns_lookups=yes
> 
> 127.0.0.1:10025 inet    n       -       y       -       -       smtpd
>         -o local_recipient_maps=
>         -o smtpd_restriction_classes=
>         -o smtpd_client_restrictions=
>         -o smtpd_helo_restrictions=
>         -o smtpd_sender_restrictions=
>         -o smtpd_recipient_restrictions=permit_mynetworks,reject
>         -o strict_rfc821_envelopes=yes
> 
> I'm running a bounce_queue_lifetime value of 2 hours
> initial_destination_concurrency = 50
> local_transport = local
> maximal_backoff_time = 2000s
> maximal_queue_lifetime = 1d
> minimal_backoff_time = 500s
> relayhost = [72.2.95.2]
> smtp_connect_timeout = 10s
> smtp_helo_timeout = 30s
> smtpd_recipient_restrictions = permit_mynetworks,
> reject_unauth_destination, reject_non_fqdn_recipient, reject_rbl_client
> sbl-xbl.spamhaus.org
> 
> Here is the amavisd.conf file:
> 
> use strict;
> 
> $MYHOME = '/var/amavis';
> $mydomain = 'suite224.net';
> $daemon_user = 'vscan';
> $daemon_group = 'vscan';
> #$daemon_chroot_dir = $MYHOME;
> $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
> 
> $QUARANTINEDIR = "/$MYHOME/quarantine";
> $TEMPBASE = "/$MYHOME/tmp";
> $ENV{TMPDIR} = $TEMPBASE;
> $helpers_home = $MYHOME;
> $pid_file  = "/$MYHOME/amavisd.pid";
> $lock_file = "/$MYHOME/amavisd.lock";
> $db_home   = "/$MYHOME/db";
> $SYSLOG_LEVEL = 'mail.info';
> 
> $max_servers  = 4;
> $child_timeout=20*60; # we need to adjust the timeout since it is not a
> localhost transfer
> 
> $inet_socket_port = 10024;
> $forward_method = 'smtp:[127.0.0.1]:10025';
> $notify_method = $forward_method;
> $inet_socket_bind = '127.0.0.1';
> 
> @local_domains_maps = ( read_hash("$MYHOME/local_domains") );
> read_hash(\%local_domains, '/etc/postfix/relay_domains');
> 
> $DO_SYSLOG = 1; # (1 = syslog, 0 = logfile)
> $log_level = 2; # (0-5)
> 
> 
> $MAXLEVELS = 14;
> $MAXFILES = 1500;
> $MIN_EXPANSION_QUOTA = 100*1024;
> $MAX_EXPANSION_QUOTA = 300*1024*1024;
> 
> # SpamAssassin settings
> $final_spam_destiny = D_DISCARD; # Set to D_REJECT, D_PASS to pass through
> $sa_local_tests_only = 0;
> #$sa_auto_whitelist = 1; # comment this line out to turn off auto
> whitelist
> $sa_mail_body_size_limit = 64*1024; # 64KB
> $sa_spam_level_char = 'x';
> $sa_tag_level_deflt = -999.0; # controls adding the X-Spam-Status and
> X-Spam-Level headers,
> $sa_tag2_level_deflt = 5.0; # controls adding 'X-Spam-Flag: YES', and
> editing Subject,
> $sa_kill_level_deflt = 15.0; # triggers spam evasive actions
> $sa_spam_subject_tag = '[SPAM] ';
> $spam_quarantine_to = '';
> $sa_debug = 1; # comment this line out to turn off debugging
> 
> # Anti-Virus Scanner
> 
> @av_scanners = (
> 
> ### http://www.clamav.net/
> ['ClamAV-clamd',
>   \&ask_daemon, ["CONTSCAN {}\n", "/var/amavis/clamd.sock"],
>   qr/\bOK$/, qr/\bFOUND$/,
>   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
> );
> 
> $X_HEADER_TAG = 'X-Virus-Scanned';
> 
> ### End here but keep the line below ###
> 
> 1; # insure a defined return
> 
> And finally, some of the log entries:
> 
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: mail for
> [127.0.0.1]:10024 is using up 14037 of 14037 active que
> ue entries
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: you may need to reduce
> smtp-amavis connect and helo timeouts
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: so that Postfix quickly
> skips unavailable hosts
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: you may need to increase
> the main.cf minimal_backoff_time and ma
> ximal_backoff_time
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: so that Postfix wastes
> less time on undeliverable mail
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: you may need to increase
> the master.cf smtp-amavis process limit
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: please avoid flushing
> the whole queue when you have
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: lots of deferred mail,
> that is bad for performance
> Aug 22 03:58:41 gw1 postfix/qmgr[17562]: warning: to turn off these
> warnings specify: qmgr_clog_warn_time = 0
> 
> 
> I have tried modifying the settings, but to no avail. Any suggestions?
> 
> FWIW, amavisd/spamassassin caught and either blocked or flagged 125,667
> SPAM messages in 13 hours.
> 
> Thanks


Hi Tom

I have a mx front end that does grey listing.

288,762 messages were delayed, of these only 16,752 were re-delivered and
passed thru.

The reports reflect SAV rejections, and anviling and other checks. But of
the 838,000 rejects 34% were from grey listing.

Ed


2006.08.21 MX Servers
---------------------

##################
## Global stats ##
##################

Events        : 528027
Passed        : 210252
Early         : 29013
Delayed       : 288762

Probable SPAM : 283385
Throttled     : 0

###############################
## Whitelist/AWL performance ##
###############################

Breakdown for 210252 accepted messages:

Whitelists  : 2.69%     (5656)
Domain AWL  : 45.19%    (95003)
>From AWL    : 44.16%    (92841)
Delayed     : 7.97%     (16752)

*************************************
Postfix log summaries for Aug 21

Grand Totals
------------
messages

 286381   received
 278376   delivered
     14   forwarded
    963   deferred  (6943  deferrals)
  10266   bounced
    838k  rejected (75%)
 148243   reject warnings
      0   held
      0   discarded (0%)

   7930m  bytes received
   7790m  bytes delivered
 118546   senders
  61686   sending hosts/domains
  38625   recipients
   5753   recipient hosts/domains

smtpd

    1413k  connections
  178149   hosts/domains
       3   avg. connect time (seconds)
 1265:42:39  total connect time


Per-Hour Traffic Summary
time        recevd delivd deferd bouncd rj_4xx rj_5xx errlim rj_anv
0000-0100     9728   9527    215    252   9076  28127  13162  11610
0100-0200     7674   7154    175    685   9970  20840  10348  16404
0200-0300     7919   7819    249    419  10850  25060  11242  16106
0300-0400     7310   6977    261    271  10694  23646   9853  13828
0400-0500     8704   8157    239    462  13345  32960  12294  15521
0500-0600    10519   9993    222    417  14315  29585  12871  14781
0600-0700    11738  11699    147    360  12679  31496  11096  21326
0700-0800    13499  13503    212    296  13657  25789  10895  18010
0800-0900    14415  14410    175    490  12884  21261  10589  14227
0900-1000    15223  15542    259    628  12752  21755   9274  22018
1000-1100    17105  16715    269    438  10900  25816   8503  18338
1100-1200    18215  17968    282    491  11599  32252   8306  23202
1200-1300    14882  15169    283    269  11849  23758   9553  31882
1300-1400    16323  16056    307   1106  10060  23621   8951  24441
1400-1500    13992  14067    450    296  10779  21984   8684  19667
1500-1600    13048  12913    322    290  11835  19309  10225  16738
1600-1700    14323  13301    318    358  10938  19671   8998  13636
1700-1800    11017  10385    316    297  10158  23094  10129  10595
1800-1900    10411   9641    343    605  13821  20608  11460  19233
1900-2000    11663  10666    416    752  11868  21372   9439  13749
2000-2100    10047   9793    421    328  13591  20077  11401  12290
2100-2200     8212   7925    308    263  11684  20990   9451   9528
2200-2300     9508   8435    398    167   8068  27957   9504   9425
2300-2400    10906  10561    356    326   7750  22712   8265  11750




-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Re: [AMaViS-user] Amavisd-new/Postfix plugged queue (Long)

Reply via email to