[theforum] MOD: qmail
Dean Mah
dmah at shaw.ca
Sat Dec 2 10:08:53 CST 2006
PURPOSE:
To allow some spam and virus detection without a performance degradation.
BACKGROUND:
Awhile back, to prevent the lock up of qmail/mailman, spamassassin and
clamav was removed from the mail processing pipeline. This is usually
okay for the normal lists like thelist, theforum, thechat, etc. where
posts from non-members are rejected. However, because the content list
must remain accessible to the general public, a lot of spam comes through.
evolt.org is running a qmailrocks distribution where a patch to the core
qmail distribution allows us to run a different queue handling program
by setting the QMAILQUEUE environment variable. This is set in
/var/qmail/supervise/qmail-smtpd/run. The distributed script to replace
the qmail-queue process is /var/qmail/bin/qmail-scanner-queue.pl. This
script runs clamav and spamassassin on the e-mail messages going through
qmail.
The thought is that since spamassassin is a Perl script, a performance
penalty is incurred each time it is run so it should only be run when it
is clearly required.
MODIFICATION:
I have re-enabled the qmail-scanner-queue.pl script (uncommented it) and
changed the script to do two things:
1) I added some code to spamassassin_alt() so that spam detection is
only performed on mail going to the content list and the info e-mail
address.
2) I added a content scanner so that e-mail addresses that are clearly
not going to resolve are dropped immediately rather than being processed
by clamav, spamassassin, and mailman.
CONCLUSION:
The change has been running for about a day. However, because it is the
weekend, the list traffic is lower and so full impact of the change is
not known. As well, everydns got hit by a DDOS attack soon after I put
the change in place which likely cut the amount of traffic both Web and
e-mail. I will continue to monitor the situation as load returns to normal.
More information about the theforum
mailing list