> >
> > > > Does amavisd-nanny show more than 12 connections in use at a
> > > > time? If not, good. You may need to reduce the number of
> > > > connections allowed in the postfix master.cf amavisd entry
> to get the
> > > > processing time down to some reasonable number.
> > > >
> > > > I see you have amavisd-new configured for 20 servers.
> > > > Are you running out of memory? CPU stuck at 100%?
> > > >
I think the problem is that I cannot find out where is the bottle neck.
So my servers are:
Postfix : 2 x Xeon 3.0 Ghz (4 core CPU)
8 GB RAM
Fast 15K rpm disks RAIDed (no io bottleneck)
Amavis: 1 x Xeon 3.0 Ghz (2 core CPU)
4 GB RAM
Same fast 15K rpm SCSI disks RAIDed (no io bottleneck)
It does not use 100% CPU all the time.
Disk io is okay, has enough memory, CPU fine.
Amavis timing looks normal.
But still when postfix+amavis is all in one machine it is okay.
When I separate them, then I see my postfix server active+incoming queue is
growing.
I really want to solve this problem.
Can someone help me?
I just want to send out everything that is scanned from amavis server
because all the spams and bad messages are discarded.
On amavisd.conf, if I put max_servers = 20 and max_requests = 20 then what
are the effects of that change?
Or on postfix master.cf, if I put "smtp inet n -
n - 500 smtpd" and more default_process for postfix to
accept, then would it be better?
I am thinking the opposite maybe I would want to reduce the number of smtpd
connections and have more amavis process running.
Oh and please look at my last part of the amavisd.conf file and sql lookup
setting. I wanted amavis server to connect upto MySQL running on postfix
server. And check if the user is valid one or not. It checks the domain if
it exists in my virtual domain table. Am I doing it correctly?
Please help.
postconf -n
---------------------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = yes
bounce_queue_lifetime = 3d
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[10.150.10.150]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 1
default_destination_concurrency_limit = 20
default_process_limit = 150
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
local_destination_concurrency_limit = 2
local_header_rewrite_clients = static:all
local_transport = error:no local mail delivery
mail_owner = postfix
mailbox_command = /usr/bin/procmail
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_backoff_time = 2h
maximal_queue_lifetime = 3d
minimal_backoff_time = 15m
mydestination = $myhostname localhost.$mydomain mail6.$mydomain
mail.$mydomain
mydomain = mailserver.com
myhostname = mail.mailserver.com
mynetworks = 127.0.0.0/8 10.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
queue_run_delay = 15m
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
receive_override_options = no_address_mappings
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
show_user_unknown_table_name = no
smtpd_banner = $myhostname ESMTP READY
smtpd_client_recipient_rate_limit = 50
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_recipient_limit = 1000
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated reject_non_fqdn_sender
smtpd_timeout = 60s
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:89
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 100000000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 89
virtual_transport = virtual
virtual_uid_maps = static:89
master.cf
----------------------------------------------------------------------------
---
smtp inet n - n - 150 smtpd
#
amavis unix - - n - 12 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o fallback_relay=127.0.0.1:10024
#
10.150.10.6:10025 inet n - n - -
smtpd
-o smtpd_authorized_xforward_hosts=10.0.0.0/8
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=10.0.0.0/8
-o strict_rfc821_envelopes=yes
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
#
127.0.0.1:10025 inet n - n - - smtpd
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
amavisd.conf
----------------------------------------------------------------------------
----
# COMMONLY ADJUSTED SETTINGS:
@bypass_virus_checks_maps = (1); # controls running of anti-virus code
# @bypass_spam_checks_maps = (1); # controls running of anti-spam code
$bypass_decode_parts = 1; # controls running of decoders&dearchivers
$max_servers = 20; # num of pre-forked children (2..15 is
common), -m
$daemon_user = "amavis"; # (no default; customary: vscan or
amavis), -u
$daemon_group = "amavis"; # (no default; customary: vscan or
amavis), -g
$forward_method = 'smtp:[10.150.10.6]:10025'; # set to undef with milter!
$notify_method = $forward_method;
$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with
$unix_socketname
$policy_bank{'AM.PDP-SOCK'} = {
protocol => 'AM.PDP',
auth_required_release => 0, # do not require secret_id for
amavisd-release
};
$sa_tag_level_deflt = -9999; # add spam info headers if at, or above that
level
$sa_tag2_level_deflt = 5.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 8.0; # triggers spam evasive actions (e.g. blocks
mail)
$sa_dsn_cutoff_level = 8.0; # spam level beyond which a DSN is not sent
$sa_quarantine_cutoff_level = 12; # spam level beyond which quarantine is
off
#$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn
database)
#$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi
spam
$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is
larger
$sa_local_tests_only = 0; # only tests which do not require internet
access?
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;
@lookup_sql_dsn =
( ['DBI:mysql:database=postfix;host=10.150.10.6;port=3306', 'user',
'passwd'] );
$sql_select_policy = 'SELECT "Y" as local FROM domain WHERE
CONCAT("@",domain) IN (%k)';
$sql_select_white_black_list = undef; # undef disables SQL
white/blacklisting
$recipient_delimiter = '+'; # (default is '+')
$replace_existing_extension = 1; # (default is false)
$localpart_is_case_sensitive = 0; # (default is false)
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
