On Tuesday 12 June 2007 14:55, Michael Stauber wrote:
> Hi Ernie,
>
> > We are running into an issue where we are seeing a small amount of emails
> > sent out with truncated text, lost attachments, etc. This just started
> > Monday, and after a few hours seemed to have just "fixed" itself while we
> > were still investigating what was happening. After looking on the
> > Internet, and seeing a lot of issues with MailScanner and Postfix (I
> > know, we are using Sendmail not Postfix on BQ), we can't help but wonder
> > if there is something similar happening here. Has anyone else had users
> > report that email was missing parts?
>
> MailScanner is - and always has been - just a dirty hack. It sure has
> developed over the years and great efforts are still put into it. So it is
> constantly maturing and improving. However, it's still a dirty hack.
>
> All the MailScanner scripts that wrap around Sendmail have a tendency of
> being a bit spooky and can indeed loose mails, attachments or other bits
> and pieces. Espececially under high load it can be that processes related
> to MailScanner run out of memory and/or crash. What then happens with the
> email being processed depends on what stage of delivery MailScanner
> currently was. At best the mail is still in the queue, being processed
> again sometime down the road. At the worst? The mail gets lost, garbled or
> truncated.
>
> So under high load MailScanner may go awry on you. On the other hand:
> MailScanner is so ineffective, that it'll drive the load right through the
> roof even under moderate email traffic.
>
> I just had the pleasure of looking at a server that was using MailScanner
> and which processes roughly 100.000-150.000 emails a day. It was constantly
> hovering around 6.80 and 8.50 server load - even with Syslogd shut down to
> save CPU cycles during the cron.daily cron runs.
>
> The same server is now running something different which provides equal (or
> better) protection, uses Sendmail Milter to tie the virus and spam checking
> into the MTA and the box processes the same amount of emails as before.
> The load? It's down to a 15 minute load average of 0.18. With logging
> turned back on.
>
> My suggestion therefore: Get rid of MailScanner. I don't have half as much
> experience with Postfix in regards to customizations as with Sendmail, but
> newer versions of Postfix also support Sendmail style Milters as it
> appears:
>
> http://wiki.linuxquestions.org/wiki/Postfix_with_clamav-milter
>
> So you can install Clam AV Milter and possibly also SpamAssassin Milter
> (there are a few Milters for SpamAssassin available).
>
> Of course there is also the somewhat more traditional approach of
> integrating Clam AV and SpamAssassin into Postfix - without Milters:
>
> http://www.tedesca.net/bez/homeoff/antispam.html
>
> Any of the above approaches is certainly better than using MailScanner.
> Just my $0.02.
While I have nothing against Mailscanner, it does use a lot of cpu cycles,
especially if you have very many "features" turned on. Personally I prefer
Postfix with amavisd-new, clamav, spamassassin mixture. Big swatches of the
outright spam you can filter with postfix before the rest of the system ever
sees it and keep the load down, then only scan what you are going to accept
and tag.
--
Larry Smith
SysAd ECSIS.NET
sysad (at mark) ecsis.net