I don't see anything much wrong with the rule selections, other than I think
mr_wiggly and maybe nov2rules are pretty old, and at least mr wiggly is in
sare_specific (I believe it is) these days. I think perhaps also
domaindigits has been depreciated; but I could be wrong about that.
You might also consider adding the chickenpox ruleset. It works for most
people, although there are a few people that find it hits where it
shouldn't.
I'd look at the load average on the system and see if you are running out of
memory. I don't know qmail, so can't suggest how to cure it if it is the
case. However, that is about the most common reason for slow scanning. You
don't seem to say how much memory you have. If it is less than 512M, go get
some more, SA is memory hungry.
Loren
----- Original Message -----
From: "Technical Department" <[EMAIL PROTECTED]>
To: <users@spamassassin.apache.org>
Cc: "technical" <[EMAIL PROTECTED]>
Sent: Thursday, July 14, 2005 3:15 AM
Subject: Long Scanning Delays
> Hi
>
> We are running Qmail Scanner 1.25 + Spamassassin 3.04 + Clamd 1.86.1 on
> our dual 1.4Ghz P3 Linux mail server. We've been experiencing some
> problems with the server taking a long time to scan messages (In most
> cases they are taking between 60 and 80 seconds). I have the following
> rulesets installed:
> 70_sare_adult.cf 70_sare_unsub.cf init.pre
> 70_sare_bayes_poison_nxm.cf 72_sare_bml_post25x.cf last-update
> 70_sare_genlsubj0.cf 72_sare_redirect_post3.0.0.cf local.cf*
> 70_sare_header0.cf 88_FVGT_subject.cf mr_wiggly.cf
> 70_sare_html0.cf 90_FVGT.cf netcom.cf
> 70_sare_obfu1.cf 99_sare_fraud_post25x.cf nov2rules.cf
> 70_sare_oem.cf 99_sober.cf rolex.cf
> 70_sare_ratware.cf DomainDigits1.cf surbl.cf
> 70_sare_spoof.cf evilnumbers.cf weeds.cf
>
> At the moment I have disabled Razor, SPF and RBL checks from within the
> Spamassassin configuration.
>
> Spamd is started from Daemontools (/service/spamd/run):
> #!/bin/sh
> exec /usr/local/bin/softlimit -m 50000000 /usr/bin/spamd -m 8
> --username=qscand
>
> Qmail-smtpd is also started from Daemontools (/service/qmail-smtpd/run):
> #!/bin/sh
> QMAILDUID=`id -u qmaild`
> NOFILESGID=`id -g qmaild`
> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
> LOCAL=`head -1 /var/qmail/control/me`
> if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z
> "$LOCAL" ]; then
> echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
> echo /var/qmail/supervise/qmail-smtpd/run
> exit 1
> fi
> if [ ! -f /var/qmail/control/rcpthosts ]; then
> echo "No /var/qmail/control/rcpthosts!"
> echo "Refusing to start SMTP listener because it'll create an open
> relay"
> exit 1
> fi
> exec /usr/local/bin/softlimit -m 50000000 \
> /usr/local/bin/tcpserver -v -R -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" -u
> "$QMAILDUID" -g "$NOFILESGID" 0 smtp /usr/local/bin/rblsmtpd -r
> spam.dnsbl.sorbs.net -r smtp.dnsbl.sorbs.net -r sbl-xbl.spamhaus.org -r
> bl.spamcop.net sh -c '/var/qmail/bin/qmail-smtpd' 2>&1
>
>
> The server has 1.5GB of memory so I was wondering if the softlimit needs
> to be changed? Has anyone else had a problem with this sort of thing?
>
> Thanks,
> John
