Jonathan Pierce wrote: > > So, I'm trying to figure out how to remedy the problem. My mail queue > has a little over 20,000 messages sitting in it right now, and "Flush > Mailqueue" doesn't change much.
I saw Peter answered also with some good info but I'll add my comments also. Recently there has been a huge spike in spam/dictionary attacks so it is not just you. I've seen a good 50->60% increase on several large mail gateways I control. Sadly this caused some of them to hit capacity just as you have seen. When doing mail scanning like Endian is doing you spend CPU cycles for each extra check, SpamAssassin, ClamAV, even just the filename checks require extra cpu power. At some point your server will not be able to keep up. Your options start tweaking the settings, drop filename checks first, then anything else you can afford to. Or figure out how to prevent the mail from being scanned. Anything you can drop at the SMTP level via RBL or anything saves you from having to run those mails through the scanning engines. Endian has Greylisting setup you might try using that it could help. Now specifically to stop dictionary attacks the easiest way is to have the valid user maps. How to do this depends on what you are running as your mailserver behind Endian. If like many compnaies you have MS Exchange there is a good script here http://www-personal.umich.edu/~malth/gaptuning/postfix/getadsmtp.pl That lets you use Net::LDAP to dump the Active Directory and build a usermap. There are lots of other ways to do this but I'd try to minimize the amount of extra network traffic and cpu usage to get the map. [Disclaimer: I'm not a postfix expert, I use sendmail when I'm given the choice and have modified version of the above script that works with sendmail just fine. I used it on one of the big gateways that was getting 175,000+ emails per day at the, using an access map I can now drop 115,000 of those emails at SMTP level.] Hope this helps. -Mike ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
