[theforum] MOD: qmail

Dean Mah dmah at shaw.ca
Sat Dec 2 10:08:53 CST 2006


PURPOSE:

To allow some spam and virus detection without a performance degradation.


BACKGROUND:

Awhile back, to prevent the lock up of qmail/mailman, spamassassin and
clamav was removed from the mail processing pipeline.  This is usually
okay for the normal lists like thelist, theforum, thechat, etc. where
posts from non-members are rejected.  However, because the content list
must remain accessible to the general public, a lot of spam comes through.

evolt.org is running a qmailrocks distribution where a patch to the core
qmail distribution allows us to run a different queue handling program
by setting the QMAILQUEUE environment variable.  This is set in
/var/qmail/supervise/qmail-smtpd/run.  The distributed script to replace
the qmail-queue process is /var/qmail/bin/qmail-scanner-queue.pl.  This
script runs clamav and spamassassin on the e-mail messages going through
qmail.

The thought is that since spamassassin is a Perl script, a performance
penalty is incurred each time it is run so it should only be run when it
is clearly required.


MODIFICATION:

I have re-enabled the qmail-scanner-queue.pl script (uncommented it) and
changed the script to do two things:

1) I added some code to spamassassin_alt() so that spam detection is
only performed on mail going to the content list and the info e-mail
address.

2) I added a content scanner so that e-mail addresses that are clearly
not going to resolve are dropped immediately rather than being processed
by clamav, spamassassin, and mailman.


CONCLUSION:

The change has been running for about a day.  However, because it is the
weekend, the list traffic is lower and so full impact of the change is
not known.  As well, everydns got hit by a DDOS attack soon after I put
the change in place which likely cut the amount of traffic both Web and
e-mail.  I will continue to monitor the situation as load returns to normal.




More information about the theforum mailing list