On 20.12.2015 15.08, Reindl Harald wrote:
Am 20.12.2015 um 14:00 schrieb Jari Fredriksson:
Now trying to get to the actual problem:
All my SA daemons get jammed by every client being reserved and taking
loooong time so that they will time out and nothing gets filtered and no
SA stuff show up in the mail headers.
Seems NOT to be dns (Net::DNS.pm 0.83)
is there high CPU load?
reduce the number of parallel scans by limit the number of parallel
connections from outside
or try to get rid of most zombies by using something like postscreen
with RBL scoring in front which should kill at least 90% of all zombies
before they ever touch the contentfilter
from the raspi:
jarif@gamecock ~ $ uptime
15:29:36 up 9 days, 18:45, 2 users, load average: 0.33, 0.37, 0.40
arif@gamecock ~ $ free -m
total used free shared buffers cached
Mem: 925 916 9 0 11 33
-/+ buffers/cache: 870 55
Swap: 1869 67 1802
The Ubuntu is just now running daily masscheck and has cpu load up, but
my haproxy is not much passing the calls for it anyway. Uses mostly this
gamecock which is a raspi up 24/7/365
I have postgrey and other pre-spamd options on right now just to trying
to keep SA load as bearable (for the moment). zombies get rejected by
greylisting and
Dec 20 12:32:58 diseapps postfix/smtpd[17381]: NOQUEUE: reject: RCPT
from ds4366.hostname.net.au[202.125.44.24]: 554 5.7.1 Service
unavailable; Client host [202.125.44.24] blocked using zen.spamhaus.org;
https://www.spamhaus.org/sbl/query/SBL256495;
from=<ad...@hostname.net.au> to=<x...@xx.fi> proto=ESMTP
helo=<ds4366.hostname.net.au>
and basic postfix checks.
--
jarif.bit