On Mon, 15 Nov 2010 13:43:57 -0500 Kris Deugau <[email protected]> wrote:
> I noticed recently that the average ~0.8s scan time on our filter > cluster had jumped to just over 3s. We noticed a huge jump in scan times on several of our customers' systems. Try disabling the Day-old Bread rules. We pushed out this ruleset: # DOB rule is timing out on many systems. Kill it. score URIBL_RHS_DOB 0 because DOB is either having problems or blocking heavy users. Also, try tracing one of the busy scanning processes. If you see it stuck doing DNS lookups, it's a red flag. (Also, consider scripting something combining sa-update with git to track changes.) Regards, David.
