From: Anthony Howe
Date: 2008-03-31 05:53:44 -0400
Subject: Re: Centralizing milters
More information..: http://www.milter.info/#Support
Richard McLean uttered...:
> Up until now we've been running single server type situations with the
> snert milters, self-contained with each server running their own
> copies of the milters. Now we're looking to centralize, particularly
> with ClamAV and Spamassassin.
Why? If it works, why muck with it?
> I know the hows and the whys, just wondering if there are any gotchas
> to look out for, good values for limits/timeouts, or any tips for the
> clamd/spamd config.
I've not tried this myself, but I'd be wary of centralising
SpamAssassin, even with all the latest performance improvements, SA can
consume a lot of resources and if you centralise it, you'll only
increase the resource demand from one machine to many machines.
Can't say comment much on clamd resource usage, but it has a huge
signature scanner too. I would expect that centralising clamd will also
increase resources on the machine running clamd. Also clamd will
probably need lots of tmp. disk space to save it's copy of the message
to scan and extract attachments.
Also consider the increased network traffic involved to send a copy of
the message between machines. When it's on the same host you can use
unix domain sockets in place of network sockets, which I would expect to
be slightly more efficient.
> And to add another question to this, how do you currently separate the
> services? For example, do you have:
> a) the milters running on each server, and central clamd/spamd.
> b) Centralized everything (milters, clamd, and spamd), and using
> IP:port for the socket in the sendmail.mc on the individual
If you centralise the milters, you may need to enlarge their socket
queues I suspect (milter-queue option).
Anthony C Howe Twitter: SirWumpus SnertSoft
+33 6 11 89 73 78 Skype: SirWumpus BarricadeMX & Milters
http://www.snert.com/ ICQ: 7116561
Copyright 2009, 2012 by SnertSoft. All rights reserved.