on 4/16/02 7:54 PM, Bill Cole at [EMAIL PROTECTED] wrote: > At 9:48 AM -0700 4/16/02, Mark S. Strom imposed structure on a > stream of electrons, yielding: >> Recently I updated to SIMS 1.8b8 in order to be able to use multiple >> blacklist DNS servers to cut down on the spam. Modeling one poster's >> settings I'm using the following dns blacklist: >> >> sbl.spamhaus.org >> spamsites.relays.osirusoft.com >> dialups.relays.osirusoft.com >> relays.visi.com >> >> (This is in addition to another 20 or so IP address ranges in the server's >> blacklist; these were from known spam relays or dialups used for relays >> from a couple of years back that were widely circulated on this list.) >> >> However, since using the 4 blacklist dns servers I've noticed a substantial >> pause on the server (the clock doesn't move) when there is incoming mail, >> lasting for about 20 seconds. Is this a normal byproduct of the dns lookups >> that are going on? This generally wouldn't be a big deal for the amount of >> mail this server processes, but since it does reside on our main web server >> (Webstar), it is impacting that. > > The DNS queries will cause this. If I recall correctly (always a > roulette spin) there really isn't any way to do a DNS query on MacOS > without locking the system for as long as the query takes. This is > one reason to try to reduce the number of DNSBL's, you use in SIMS. > For example, you COULD use the parent relays.osirusoft.com zone > instead of the first 3 entries and set up your IP blacklist to only > reject the return values that map to spamhaus, spamsites, and > dialups. That would ruduce the number of queries you are making with > each connection.
I'm not sure I follow you here about using the blacklist to reject return values that map to spamhaus, spamsites, and dialups. What exactly do I put in the blacklist? (sorry if I'm being dense here) > The other thing to look at is the speed of your nameserver. If you > are using a machine on the other side of a slow link of some sort OR > a Mac running MacDNS locally to do your resolution, you are imposing > a delay. Any mailserver really needs a fast recursing/caching > nameserver on the same LAN with it to avoid DNS delays. Here I'm at the mercy of our net admins. I'm having to use a DNS on our WAN which has been pretty fast--the one on our LAN has problems and I'm not sure that our IT department is actually skilled in this area--I did identify several problems for them yesterday and supposedly they're working on it. ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
