exim: dropping spam based on score threshold?

nxds

Well-Known Member
Jan 6, 2006
53
0
156
Just to clarify, I'm talking seriously high loads like 16+ caused by memory starvation. Loads of less than 2 or less I can handle.
 

sparek-3

Well-Known Member
Aug 10, 2002
2,087
243
368
cPanel Access Level
Root Administrator
The high loads would be understandable because it runs spamassassin on every message that reaches the server. If the message is accepted, spamassassin would be called again if the user has spamassassin enabled on their domain and the message would be scanned again.

nxds said:
Just to clarify, I'm talking seriously high loads like 16+ caused by memory starvation. Loads of less than 2 or less I can handle.
Do a lot of your accounts make use of their default box? If you have a lot of accounts on your server that have their default box set to something other than :fail: then this would scan those messages as well. I suspect that this would contribute quite a bit to the increase spamassassin memory usage.
 

nxds

Well-Known Member
Jan 6, 2006
53
0
156
Hi, it's not so that I'm checking a lot of messages, rather than the spamd children getting extremely fat (300MB) which causes the system to start thrashing to swap because of the lack of RAM. The spamd processes hang around serving new requests so they don't get any smaller; the only cure I've found is to sighup them so new light weight children get born.

What intrigues me is that this happens a lot on a couple of servers whereas other, more busy and identically configured servers don't get the problem. On the well behaved systems, the spamd children remain in the 10-40M range. I can't figure out what causes it this, (some memory leak or memory hungry rules triggered by specific messages?) but the sighup workaround keeps the servers load in check.

Of course, I also reject a lot of messages with RBL checks, and I also reject messages where the account has reached it's quota limit so I'm not spam scanning everything that attempts to talk to my mail server.
 

forlinuxsupport

Well-Known Member
PartnerNOC
Dec 22, 2004
386
0
166
cPanel Access Level
Root Administrator
The high loads would be understandable because it runs spamassassin on every message that reaches the server. If the message is accepted, spamassassin would be called again if the user has spamassassin enabled on their domain and the message would be scanned again.

Hmm. I found that too..

So all messages are being scanned twice.. pity.

Anyone know how to get this to work ONLY for accounts that actually have spamassassin enabled ?
and then how to make it scan only once ?

Its a great hack (um fix) , but my loads are just getting too high now !!

I'm thinking of trying the MailScanner route next to see how that copes.

Regards
Andy
 

devourer

Member
Nov 24, 2005
9
0
151
I'm using the MailScanner add-on myself. This works really good for me. I also installed MailWatch for MailScanner. With this php program you can teach bayes. I trained bayes well, use a few good SARE rules with it and got nearly 100% spam filtering. Only thing is bandwith. MailScanner accepts all messages @ SMTP level and then scans. So its not rejected but just filtered out of the users mailbox..