Michael Stauber wrote:
> MailScanner is - and always has been - just a dirty hack. It sure has
> developed over the years and great efforts are still put into it. So it is
> constantly maturing and improving. However, it's still a dirty hack.
Hmmmm, well Ian may disagree with you on that one. ;)
In the days before the MailScanner pkg's, we were running MailScanner on
our RaQ350's with generally decent results, but high load as a tradeoff.
We then moved off the individual machines running MailScanner and put up
dedicated boxes that serve as the MX records which then hand off to the
individual hosting boxes. We use relatively modest machines (in this
day and age... dual AMD 2Ghz, 2GB RAM) and each machine averages around
30k messages/day, with load average never exceeding .5.
My experience is that the antivirus component is usually the trouble spot.
> All the MailScanner scripts that wrap around Sendmail have a tendency of being
> a bit spooky and can indeed loose mails, attachments or other bits and
> pieces. Espececially under high load it can be that processes related to
> MailScanner run out of memory and/or crash. What then happens with the email
> being processed depends on what stage of delivery MailScanner currently was.
> At best the mail is still in the queue, being processed again sometime down
> the road. At the worst? The mail gets lost, garbled or truncated.
While I've never seen this, I've also never pushed a MailScanner box to
its limit.
My last experience running on a BQ box was an older PKG that would bring
an otherwise lightly-loaded P4 2.5 / 1Ghz to its knees. It wasn't pretty.
I've heard the newer versions perform much better.
> So under high load MailScanner may go awry on you. On the other hand:
> MailScanner is so ineffective, that it'll drive the load right through the
> roof even under moderate email traffic.
I agree, and disagree. It'll load up on you if you let it. However,
properly configured (and that doesn't mean just "out of the box!") it
can do a pretty good job. Then again, we have spent literally years
working on our recipes, and they change almost daily.
> The same server is now running something different which provides equal (or
> better) protection, uses Sendmail Milter to tie the virus and spam checking
> into the MTA and the box processes the same amount of emails as before. The
> load? It's down to a 15 minute load average of 0.18. With logging turned back
> on.
>
> My suggestion therefore: Get rid of MailScanner. I don't have half as much
> experience with Postfix in regards to customizations as with Sendmail, but
> newer versions of Postfix also support Sendmail style Milters as it appears:
And you may well be 100% correct. Esp. in cases where you only have one
box and need it to do all tasks.
We've also had good luck WITH MailScanner, but in a different
implementation.
> Any of the above approaches is certainly better than using MailScanner. Just
> my $0.02.
To which I add another $0.02, so together maybe we can buy something
really neat together. Or not. ;)