On Sat, May 11, 2002 at 02:26:55PM -0500, dman wrote:
> This completely depends. First you MUST *profile* to determine where
> the hotspots are. Maybe _those_ pieces of the program would be better
> in C or ASM. Remember that 90% of the execution time is spent in 10%
> of the code (generally). Rewrting the remaining 90% of the code in a
I think most of time is spent in DNS queries and many razor on my machine.
I've just made some quick stats on my machine since I've started running
sa-exim 1.1 which logs how long SA took.
Out of 1387 Emails,
194 took 1 sec
447 took 2 secs or less
794 took 5 secs or less
906 took 10 secs or less
482 took 10 secs or more
303 took 20 secs or more
180 took 30 secs or more
77 took 60 secs or more!
One took 96, one took 99, and one took 285 seconds!
I know that a few took longer than that, but SA then got killed by exim
because my exim is configured not to ever wait more than 5mn before
returning ok on DATA.
My mail server is not highly loaded, so SA had all the CPU and IO resources
it could get its hands on (I do about 3k Emails a day, and only 600 or so
are delivered locally and go through the SA check)
I am using spamd, but I'm pretty sure what's killing me are the rbl checks.
Forgive me if this isn't new, I've only recently subscribed to this list
(way too much mail already, I was trying to cut down, but never mind).
1) I have all default DNS checks enabled plus another 3 for all 3 mail-abuse
lists. That's probably at least 10 DNS checks.
2) I also use razor, I'm not sure whether there is a timeout, or how long
it can take worst case. Info on this is appreciated
What can be done?
The RBL checks look smart and won't query the same zone several times, good.
However, since we're going to do up to 10 queries, and each can be blocking,
wouldn't it be better to fork for each DNS lookup (even optionally) and kill
the children if the DNS query hasn't returned in x seconds?
That way, since all the DNS queries are run in parallel, at worst, you spend
x seconds, not some unknown and unbounded amount of time.
Would you agree that DNS is the reason for SA ever taking more than 5
seconds (in spamd mode)?
If so, are my fork/dns suggestions reasonable?
Or am I way off and is there another problem?
Thanks
Marc
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger [EMAIL PROTECTED] for PGP key
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
