Hey everyone, I have a few questions about something I'm encountering with spamd.
I've noticed cases where a bounce message to the server results in spamd 'exceeded time limit'. It reaches the limit of 300+ seconds. In this particular case, the message size is 564kB and contains an attachment. Normally, such a message size would not cause spamd to 'hang' for 5 minutes. I've pulled the bounce message in question to troubleshoot, and noticed that with spamc it does not recognize the attachment (no attachment rules hit). When scanning the original message (non bounce), spamc does recognize the attachment. I also noticed a significantly longer wait time using spamc with the bounce message compared to the original message. I also used the 'HitFreqsRuleTiming' plugin to see the performance of rule scan time between the bounce message and original message. I noticed that the bounce message had rules taking 4+ seconds (upstream rules such as __FILL_THIS_FORM_SHORT2 and __FILL_THIS_FORM_LONG2) , while this was not the case in the original message I have two questions: 1) By default, does SpamAssassin *not* decode/scan the base64 of the attachment? 2) Is the longer scan time of the 'bounce' message due to SpamAssassin scanning the attachment text lines in a way that it normally would not if it had recognized that it is an attachment? Thanks in advance. -- Sent from: http://spamassassin.1065346.n5.nabble.com/SpamAssassin-Users-f3.html