24x7server wrote:
Fuzzyocr is very expensive in the RAM department. For the load you're talking, you'll want probably 6G or more. Or distribute it across multiple machines. I personally stopped using it (due to the memory cost), and use the text rules that still catch them (sare_stock I believe) and Bayes. I also limit the number of connections per minute, with a 35 minute reload to clear out any iptables blocks for legitimate systems. Maybe some better BLs on the SMTP level as well. Not really a solution, but maybe will give you some ideas of where to target your attention.hiour system : redhat linux, dual xeon 2.8, 2 gb ram we use fuzzyocr along with qmail toaster. works nicely while scanning for images we have around 3000 email users. however when a large volume of spam suddenly hits the server then the load goes high and then this is what we notice 1) spamassassin skips surbl checks and fuzzyocr checks and emails are passed on without spam checks 2) concurrency incoming keeps increasing and finally exceeds the limit of 150 that we have set. we noted that this happens because opposite side mail servers keep trying to deliver to our server and due to delay in smtp sessions time out and retry again. Number of connections keep pooling up and increases beyond max concurrency limit. the main problem is because of fuzzy ocr which consumes maximum load. 3) since all this is done in the memory by simscan spamassassin scanning really slows down and email scanning time takes as much as 10 minutes. we dont mind delays in mail delivery during load but failure of the spam scanning and increase in number of concurrent connections simply stops incoming mail into our server. has anybody devised any tool by which spamassassin scanning can be done on the hard drive instead of memory. if anybody knows an alternative tool to fuzzyocr which is less load intensive or some alternative for spam scanning after accepting email into the server please let us know.
smime.p7s
Description: S/MIME Cryptographic Signature