I think you should off load the processing work. Look into running a
remote clamd/spamassing, or setup multiple mail hubs jms has a guide on
that at http://qmail.jms1.net
I agree he needs to offload, but the jms1 way seems very cumbersome.
We have sendmail boxes as front line, that do all the pre-connect tests
easily without adding in 35 patches like we have to make qmail
modern-ish and then anti virus/spam/phishing/etc tests, one important
factor is the milter smf-sav which asks the database server (we call)
"qmaster" (a vpopmail/mysql db server) if user exists to avoid
backchatter, if it does, then sendmail sends to "qrouter" which is a
simple qmail/vpopmail install that accepts the mail and puts it into the
users dir (which are NFS attached) all the nfs stuff and qmaster and
qrouter all operate on pvt address space, on second gbit port for added
protection, but of course could be run on live net interfaces if you
dont have the option of dual ethernet.
What do you use for recipient verification on sendmail?
(we tried postfix with its remote recipient verification, but it cant
handle the loads and even its author recommends not to use on very busy
systems, we dont use qmail on the front line boxes because we dont have
to fear breaking patches trying to incorporate RBL, SPF, SAV, DNS
checks, badmx zone checks, bad helo, force helo, and milter-regex to
stop all home users etc etc etc, sure we might end up geting qmail to do
all these, but after how many hours, when with sendmail its just there
and adding a milter after another milter cant break patching like with
qmail :) )
That is odd. At Outblaze where I ripped out an inhouse custom sendmail
(let's forget about the security holes that require immediate
attention), I believe that, even if the sendmail mysql patch had some
form of mysql pooling like postfix and thus not kill the mysql server
with hundreds of connections (sendmail was configured to spawn up to 600
child processes but mysql connections are only opened after mails get
past the filter rules), it would still not handle the load that postfix
can (configured to handle 800-1000 connections depending on whether
there is a flood of sorts, lower number when more ham is coming in)
since 600 is the maximum we can configure for sendmail before the box
starts swapping and load average was also higher when sendmail was
running. Interesting that you find a complete opposite experience.
Where does postfix fail? Large queues due to perhaps a larger ham to
spam ratio in your environment? OB had something like minimum 90% spam
so they managed with just dual PIII 800Mhz, 1G, dual scsi boxes on the
frontends. Around 30 or so before I left.
Wietse recommend that postfix not be used in very busy systems? That I
find hard to believe. Perhaps you can post a link to his post.