[KLUG Members] Sendmail performance tweaks/tips
Chester Wisniewski
chetw at zuzax.com
Wed Aug 30 02:28:44 EDT 2006
adamb at glaven.org wrote:
> I realize that bringing up MTAs usually sttart wars, but I am currently
> finding myself managing some sendmail servers. My previous position had me
> working with qmail, so I haven't worked with sendmail for....3 years.
> Enough time to forget most of what I knew before.
>
>
> So, in the interest of performance: what is it that you put in your MC
> file and any other tweaks that you put in your cf file to "speed" things
> up and manage queue sizes?
>
> I don't have any of my old cf or mc files from the last time I ran a
> couple production sendmail servers; and the current cf files seem to be
> lacking the accompanying mc files.
>
> In my cf files, here's what might speed up my delivery or 'tweak' sendmail:
>
> AliasWait at 10
> MaxMessage size at 11M
> DeliveryMode is background
> Connection cache size is 2
> Connection cache timeout is 5m
> Check Aliases is false (which doesn't really do anything for
> performance)
> Privacy Options are the standard: noexpn, novrfy,authwarnings,
> needmailhelo
>
>
> SuperSafe is True.
>
> I also have a few timeouts set that I'm not sure are of any use:
> initial: 15s
> connect: 15s
> ident: 0
> queuereturn: 12h
> queuereturn.normal: 12h
> queuewarn: 6h
>
> Back off timeouts again:
>
> DoubleBounces are sent to the bit bucket.
> Max recipients is 100
> Dead letter goes to bit bucket.
>
>
> I've used QueueLA before, but it didnt' seem to 'queue' things so much as
> 'deny new messages'. So, I'm a bit leery of that (And no, I didn't
> confuse it with RefuseLA).
>
>
>
> I believe that this version of sendmail (8.13.7) includes milter support,
> I'm interested in milters. I know they are the bees knees, the cat's
> pajamas, but unfortunately, the most popular, and one I was dying to use -
> Greylisting - is unusable since mail on the domain I'm worrying about uses
> postini. So, mail goes to postini, postini sends it to us. I can grey list
> all I want, but postini is still gonna send it. The same goes for IP
> blacklisting, connection throttles to stop spammers, and the like.
> Postini is *the* only way into the mail server - any other connections are
> rejected. (I do understand that I could throttle connections, but it's
> not going to stop say, a spammer - the mail is already spooled on postini,
> so it WILL come, the only thing that throttling will do is delay any
> incoming mail.)
>
> As configured, sendmail already denies messages going to recipients that
> don't exist; but because postini doesn't filter all mail (just ones that
> are subscribed) a spam stomping milter that has a low false-positive rate
> (since having someone on hand to do nothing but sort through messages
> isn't useful) would also be good. And again: My only problem is I *am* on
> solaris, and since glibc yhasn't been ported, any milter that is C/C++
> that uses glibc is out of the question. Unless I want to port either
> glibc, or the milter. Perl and python filters, while less desirable, are
> acceptable.
>
>
> So: if you have any tips, feel free to send them on. As I mentioned in
> the other thread, I'm looking to move, but since this would be a LARGE
> move, I have to make do with what I have until I have new servers built
> and ready and a migration plan written out and tested. (Hey - if you have
> migration plans... well.. post those, too).
>
> I mostly need to get away fro mbox format, as mbox format is not NFS safe,
> and the current "nfs safe" version of procmail wwe have is undesirable.
>
> Feel free to bounce ideas, flame, whatever.
>
> Adam
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
>
>
Hi Adam,
I work for a private company that produces Anti-Spam and Anti-Virus
products that are milters (Postini is my arch enemy!). I am not going to
pitch you on our solution, however I will probe around a bit on open
source solutions we know to exist out there that may work in your
environment. If you would like to know the good/bad/ugly of any of them
in particular that you might be looking at, I would be happy to share
our competitive intelligence (or kudos!).
Chet
More information about the Members
mailing list