Hi, Since my little spam odyssey seems to have capture the group's attention, I wanted to provide an update. With a little help graciously given by Noel at Devtech the issue was quickly identified. As it turns out, there were several specific issues:
1. We were having problems with the DelayTimes causing ArrayOutOfBounds exceptions to be thrown by undeliverable mail. As the undeliverable mail backlog grew, CPU usage swelled to 99.9%. This was addressed by commenting out the delayTimes elements. This is a sloppy solution but it got us working again. 2. Our RemoteDelivery element was misunderconfigured to *explicitly* relay spam. The section which acts as a spam preventer was commented out, allowing the system to act as an open relay. Spam, spam, spam, spam... This was clamped down and promptly the flow of spam ceased. 3. Either FetchMail or FetchPop was also misconfigured to check our local mailbox and guess what, re-deliver it to us. This explains the looping behavior seen in headers before. Why it was set up this way I cannot say, but why ask why? With these issues addressed, the server has been running about 16 hours quite nicely and I have every reason to suspect it would give us good service. We are still migrating away from James because I am concerned about the lack of familiarity with it, but to be fair I wanted to make clear that the source of the problems had been nailed down to configuration rather than core server issues. If nothing else, I could see using James as a backup that we can run on some of our Windows boxes to use in case our primary Linux server goes down. Noel mentioned that the log/config excerpts I've posted in the past have not been complete enough for meaningful debugging. As I mentioned to him in a private email, I began obfuscating things like IP addresses and more importantly domain names when I posted to mailing lists or forums because a week ago, I did a google search on my company's name and several of the top-10 results were postings employees had made to various public forums discussing technical problems. I have no problem with other developers, sysadmins, etc. seeing this kind of thing, but I could imagine a non-technical customer seeing this and getting unnecessarily spooked. I understand the value of having the mail list archived publicly, indeed the main reason I'm writng this is to help in case some future soul manages to muck their config.xml up as badly as we did, but perhaps it is not such a great idea to have them indexed by google. Some dirty laundry is best kept inside the washroom. Best, -cwk. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
