Re: very basic SA-Learn performance question: is 90 seconds or so per token really, really slow or roughly normal?

Wed, 01 Nov 2017 15:01:27 -0700 

On 11/01/2017 04:40 PM, David Gessel wrote:

Bill,

Thanks for the advice.  I'm not too worried about the permissions config, 
though I will make the mods once I get performance up to the point where bayes 
is usable at all - I wouldn't want to lose all those sweet, sweet tokens to 
some unauthorized write premission.

-David
If you want to try to keep your existing Bayes data, try dumping it to a backup file, clear the DB, then restore it back to see if this resets things properly. Hopefully this won't take weeks to dump. :) 

https://wiki.apache.org/spamassassin/BayesMigration
BTW, do you have normal file IO performance? Have you checked iotop and iostats to see what kind of IOPs/Mbps you are getting on your filesystem where the Bayes DB files are? 


-------- Original Message --------
Subject: Re: very basic SA-Learn performance question: is 90 seconds or so per 
token really, really slow or roughly normal?
From: Bill Cole <sausers-20150...@billmail.scconsult.com>
To: users@spamassassin.apache.org
Date: Wed Nov 01 2017 06:57:55 GMT+0300 (AST)


On 31 Oct 2017, at 7:27 (-0400), David Gessel wrote:


bayes_file_mode 0777


Don't do that. I know the SiteWideBayes page recommends that, but it's wrong. 
It's a bad idea to EVER make ANY file mode 0777 on any normal system. Something 
mangled your Bayes DB. Anything running on that system *could* do so. Maybe it 
was innocent, maybe not.

One alternative: use 0770 (or even 775) and use group membership control 
access. You can then symlink the ~/.spamassassin directories of users in the 
group to that of the primary SA user (i.e. whatever amavisd runs as) OR 
hardlink the Bayes and autowhitelist files from the primary user's directory 
into that of other users.

Another alternative: use 0700 and whenever doing anything with the 
Bayes/AWL/TxRep DBs, do it as the primary user of he sitewide DB. This requires 
giving that user read access to user mail but that's safe because it already is 
seeing it all pre-delivery anyway. The safest approach for that is setting an 
ACL on the Maildir/. I use MIMEDefang instead of amavisd so the ACL for mine 
looks like this:

     bigsky:~ bill$ ls -led Maildir/
     drwx------+ 239 bill  bill  8670 Oct 31 09:31 Maildir/
      0: user:defang allow list,search,readattr,file_inherit,directory_inherit





--
David Jones

Reply via email to