>Is there logic to having a separate MaxBytes setting like
MaxBytesForBombs that's used only during message delivery? That way, the
entire message can be scanned for bombs, but the rebuild could use a lower
number to better balance the differential between the average sized spam
and average
After about 12 weeks of going from MaxBytes of 4k to MaxBytes of 50k, 've
seen:
1) Rebuild go from just over an hour (with 30k MaxFiles) to just over 2
hours. I'm fine with that, there's more to scan
2) Bomb detections improve, as a lot of what's detected is beyond the 20k
or 30k mark
3) but,