Hello, If it's possible, avoid using Amavis. It's a memory hog (at least the last one I used). You mentioned that in every message that comes in, Amavis spawns the virus scanner. Imagine if you have thousands of email coming in.
Don't use virus scanning daemons as well. If the virus scanner dies or leaks , you have to have another program watching it whenever that happens. Also, if your mail servers gets attacked via the "Zip of Death", your virus scanner may crash. A more sophisticated solution is to use a system that scans messages by batch rather than one by one. It works like this: 1. Spawn sendmail and store messages on an alternate folder, say mqueue.in /usr/sbin/sendmail -bd -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in /usr/sbin/sendmail -q15m 2. Have the AV scanner scan the incoming queue. Move to /var/spool/mqueue if clean, quarantine if not A program that does this is mailscanner (http://www.mailscanner.info). What's cool is that it can also filter spam if you want to. What's even cooler is that cross-check mails with open relay databases. What's even "spankingly cool" is that it can use SpamAssassin to filter more spam. Cheers, Ed Federico Sevilla III mumbled: > Hi Marga, > (cc PLUG) > > On Tue, Oct 01, 2002 at 03:26:14PM -0400, Marga Adan wrote: >> I hope you can help me. > > Sure, but I prefer that message like this be routed through either PLUG > or the PH Linux Newbie list, instead. Aside from my personal > preference, you also have the wider audience there, which normally > means more input from the community. > >> I've been following the PLUG on referral by persons I've met , and >> appreciate very much if you can provide some insight on below: >> >> I found the Linux mail server posted that the amavis process was >> killed due to low memory resources. Fortunately, amavis re-activates >> itself if the process was killed. When checking memory usage, I found >> out that vscan was hogging much of the cpu state and the memory state. >> >> I have not much experience on linux, but would you know how the >> performance of AMAVIS (degrades/ remains ok)is when used with a >> virus scanner? > >>From personal experience I've found the killer is not as much AMaViS >>per > se, as it is the virus scanner that AMaViS spawns for each and every > message that passes through the mail server. I am using McAfee uvscan > and have noticed that on top of the standard overhead involved in > loading a new process, it does an unexplainable modprobe, scanning all > available modules that takes quite awhile. > > Other than that the load is still bearable with a server like ours[1]. > For MTAs that handle a lot of traffic you may be interested in skipping > the middle-layer of AMaViS entirely, though. You can opt to use a virus > scanner that runs as a daemon and interfaces directly with the MTA. An > example of this is Kaspersky Labs AV. Unfortunately those are > significantly more expensive than your standard "file-sweeping" type > anti-virus which AMaViS (and the like) "glue" to your MTA. > > [1] To see our MTA load graphs see > (http://mrtg.leathercollection.ph/mailgraph.cgi) > _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
