Giuseppe, > > amavisd-agent reports: > > Ah, ok, I'll use that tool and I'll fix also the directory where > amavisd-agent looks for in the mandriva amavisd-new package > (default is /var/amavis, while mandriva uses /var/lib/amavis). > What I don't understand it's that the statistics seems to be zeroed > every time the amavisd service is restarted?
Yes, they are zeroed (database is discarded) on restart, to avoid a remote possibility that a corrupted database would prevent a restart (as was reported with some older versions of bdb). See: http://marc.info/?l=amavis-user&m=122513014826544 Btw, resetting SNMP counters and updating sysUpTime on a restart is consistent with restarting a network router. SNMP clients can usually deal with the situation (e.g. rrd-tools). > Furthermore wouldn't be possible for the amavisd-new to have some > statistic about the speed|performance? > I see the cumulative time spent on processing messages, but sound not > the number of messages per seconds > (for instance) the system can sustain. That can only be measured when system is under full load. For example: stop amavisd for a while so that some backlog of messages in a Postfix queue accumulates, start amavisd (and wait few seconds for it to come up), then reload postfix (so that it forgets that its transport was down), and leave it running until the queue drains (monitor amavisd-nanny or mailq). At that point the amavisd-agent would show in its InMsgs counter the maximum mail rate your system is capable of. > > Don't let amavisd log directly to a log file. It is inefficient > > and log rotation requires restarting of amavisd. > > > > The preferred way is through syslog, it is the most flexible, > > is efficient and is trouble-free. All regular syslog maintenance > > procedures can be used, e.g. for log rotation, for duplicating > > high priority messages to another log file, for providing separate > > debug file when needed, ... > > OK, I understand this. My request was because otherwise syslog log goes > in /var/log/mail/{info,errors,warnings} > which are the same one where already postfix (and cyrus-imapd) writes, > so if you have the amavisd output too in the same file (and you have\ > an high debug level) the log is a bit more confused. It is all up to how you configure your syslogd.conf. I prefer to have amavisd log separate from Postfix - just use a different $syslog_facility for amavis, such as 'user' or 'local0'. E.g.: $log_level = 2; # verbosity 0..5 $DO_SYSLOG = 1; # log via syslogd (preferred) $syslog_ident = 'amavis'; $syslog_facility = 'user'; $syslog_priority = 'debug'; /etc/syslog.conf: *.notice;authpriv.none;kern.debug;lpr.info;daemon.err;mail.crit;user.err /var/log/messages mail.debug /var/log/mail.log user.notice /var/log/amavisd.log user.info /var/log/amavisd-info.log user.debug /var/log/amavisd-debug.log On Linux, don't forget to prepend a '-' to syslog filenames to prevent it calling a fsync after every write, which can bring the system to its knees. > A little further question. Is it possible to have whitelist, > but only for mail sent (originated) locally? Use policy banks (MYNETS or ORIGINATING) for decisions that need to be based on source of mail being local. > E.g. suppose I whitelist myself > (i.e. mydomain), in that case, a typical spammer might send messages > to me, like if they were sent to myself, and those might be whitelisted > while shouldn't, so the spam would pass. Never whitelist solely based on a sender address (either envelope sender, or address from mail header section). Only useful whilelisting nowadays is based on some (more or less credible) proof of mail origin: with SpamAssassin you can whitelist based on DKIM/DK signature, on SPF record, or on domain shown in a received header field (whitelist_from_rcvd). Using a policy bank loaded by mail submitted from inside, one simple possibility is just to rise tag2 and kill levels there, e.g.: @mynetworks = qw( 0.0.0.0/8 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16); $policy_bank{'MYNETS'} = { # mail originating from @mynetworks originating => 1, # let's make it explicit (but is a default in MYNETS) spam_tag2_level_maps => 8, spam_kill_level_maps => 10, }; Mark ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
