Leon Kolchinsky wrote: >> Hi All >> >> We are running Postfix + amavisd-new-2.3.3-3 in our linux mail gateway. >> We have been hit hard lately with SPAM and our mail queue has been >> growing significantly to 10,000+ mails and it takes a few hours for the >> queue to go down. We received 1.6million spam messages last month and I >> believe this number is growing at around 5-10% monthly. >> >> We were hit with 65k spam messages between the 6 hours between 00:00am >> 06:00am this morning, by the time business starts, the mail queue was >> already soaring up to around 19k around 9am. I was watching the mail >> queue growth, the throughput of incoming mail -> postfix -> amavis >> (spamassassin only) -> postfix -> relay to internal hosts, was only 1-2 >> messages per second. >> >> Our configuration in postfix and amavisd are as follow, the server has >> 1.5G memory with SCSI disks (Raid 5) and 2 x 2.x Xeon processor - we >> feel the server has a decent profile and *should* cope with the >> requirement. >> >> We fiddled with the max proc for smtp-amavis below from 25, 50, 100 (and >> also change max_servers variable in amavisd.conf accordingly) but the >> rate/second throughput hardly changed during these periods. >> >> Would anyone be able to share some lights on our issue? please let us >> know if you require more information from our settings. >> >> Thanks >> >> CP >> >> >> master.cf >> --------- >> smtp inet n - - - 100 smtpd >> >> smtp-amavis unix - - y - 25 lmtp >> -o smtp_data_done_timeout=1200 >> -o disable_dns_lookups=yes >> >> 127.0.0.1:10025 inet n - y - 200 smtpd >> -o content_filter= >> -o local_recipient_maps= >> -o relay_recipient_maps= >> -o smtpd_restriction_classes= >> -o smtpd_client_restrictions= >> -o smtpd_helo_restrictions= >> -o smtpd_sender_restrictions= >> -o smtpd_recipient_restrictions=permit_mynetworks,reject >> -o mynetworks=127.0.0.0/8 >> -o strict_rfc821_envelopes=yes >> >> recipient_access table >> ---------------------- >> .mydomain.com FILTER smtp-amavis:[127.0.0.1]:10024 >> >> amavisd.conf >> ------------ >> $max_servers = 25; # number of pre-forked children >> $max_requests = 20; # retire a child after that many accepts >> >> > > Hi, > > Are you using any reject_rbl_client directives in your main.cf ? > This could reduce SPAM levels drastically. > > This is what I'm using in smtpd_recipient_restrictions: > > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_unauth_destination, > check_recipient_access regexp:/etc/postfix/mailboxfull, > reject_invalid_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_rbl_client zen.spamhaus.org, > reject_rbl_client cbl.abuseat.org, > reject_rbl_client safe.dnsbl.sorbs.net, > reject_rbl_client list.dsbl.org, > check_client_access hash:/etc/postfix/client_checks, > check_sender_access > regexp:/etc/postfix/filter-catchall.regexp, > permit >
Adding the rbl will dramatically decrease spam from the queue. I found that installing a caching nameserver on the postfix smtp server host improved significantly the functioning of the rbl blocking. S.Waltz ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/