[milters] Archive

Lists Index Date Thread Search

Article: 1386
From: Anthony Howe
Date: 2007-01-04 11:34:25 -0500
Subject: Re: Have they cracked it? (Or am I simply paranoid?)

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

G1OGY (Dave) wrote:
>> How long does it take for the command line scan of an example message
>> on average?
>>
> 
> For a legit mail - between 1.3 and 5 (depending on size - as they say
> in the spam ;) Between 3 and 8 seconds for the average spam.  If
> FuzzyOcr gets in to the frame (given a picture attachment) then it
> can extend to 12 or 15 secs but never more than 20.  ~Extraordinary~
> numbers like 158, 159 or 166 seconds are visible in the current
> weekly log.

Well I ment just that particular spam message. I'm wondering if SA is 
trying to consult so many different DNS BLs for an opinion, that they 
all time out and that delays it long enough for the milter/SA or 
sendmail/milter connection to timeout.

>> Are you consulting maybe too many BLs. 
> 
> I'd say the minimum effective:
> Spamhaus (combined)
> dsbl.org
> njabl (combined)
> all out of sendmail

I'm more concerned about the SA BLs consulted by the plugins like: 
URIDNSBL. SPF and DomainKeys are DNS based.

>> Have you updated recently SpamAssassin?
> 
> Have you stopped beating your wife?  Damned either way ;)  No. (3.1.7)

Well I'm not married and have no girlfriend, so no cracks about beating 
my bit. SpamAssassin has interim updates for rules I thought. There was 
a DomainKeys bug I recently helped SA team find in the plugin, cause a 
client thought it was in milter-spamc.

>> Have you increased the spamd-timeout value from the default 120s?
> 
> Er.. No. Needs a spamassassin code hack, doesn't it? (and a
corresponding increase in the sendmail timeout too, I'd have
> thought...)

http://www.snertsoft.com/sendmail/milter-spamc/#opt_spamd_timeout

And yes, if you increase the milter/SA timeout, you'll have to increase 
the sendmail/milter timeout in sendmail.mc.

Also watch the timestamps of the logs. If you turn on 
verbose=info,trace,dialog you might spot gaps of time.

Watch too for large bursts of connections that might cause 
sendmail/milter thrashing. Try settings the option milter-queue to 
something larger than 20 (hmm, this option might not yet be available 
just yet as it might be in the set of updates I've been working on).

-- 
Anthony C Howe          Skype: SirWumpus                    SnertSoft
+33 6 11 89 73 78         AIM: SirWumpus    Sendmail Milter Solutions
http://www.snert.com/     ICQ: 7116561
     http://www.snertsoft.com/

Lists Index Date Thread Search