Re: [exim] exim and iptables

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MStephen Gran at <-
MGiuliano Gavazzi at ->
Delete this message
Reply to this message
Author: exim
Date:  
To: exim-users
CC: Michael Johnson
Subject: Re: [exim] exim and iptables
ok here more details:

so for the moment all (spamd, clamav and exim) are running on one single
laptop PIII with 512MB RAM/20GB disk
it's located in the DMZ on a 100mbit network
maximum smtp connections are set to 24 where 4 are reserved for exim to
deliver to the exchange server.
All runs ok, until some spam servers got awaken
All 20 connections stay open, and exim and spamd just eat up the memory
It also happens that spamd drops the check due to exceeded scan time (240s)
So at that point the box becomes very slow, no smtp connection are accepted
anymore and even swap gets full (currently to low = 256mb)

Eventualy the box restores it's normal condition (can take up to 1 hr) but due
to this, many real mails are either lost, or arrive hours later.

Thuesday I can all install to a beter/faster machine, I'll post any changes
(or no changes) later...

On Friday 25 March 2005 17:15, Michael Johnson wrote:
> On 25 Mar, 2005, at 10:56:31. 0 AM, Bob Branch wrote:
> > Michael Johnson wrote:
> >> problems you're experiencing. Maybe someone with experience
> >> using similar hardware can chime in and tell me I'm wrong. =-)
> >
> > My server for my personal domain's a P3/550 (100MHz slower than
> > his) with 128MB of RAM and 40MB/sec scsi kit and it handles a load
> > easily twice his without anything I'd call a real performance hit.
> > Sure, if I do an sa-learn on a bunch (more than a couple hundred)
> > messages in a batch it'll bog a LITTLE, but we're talking maybe a
> > couple milliseconds pause on any other tty, and that's just because
> > spamassassin's a resource hog. Clamav/amavis don't seem to add an
> > appreciable load, either.
>
> This leads me to believe it's a problem with the network. Mail isn't
> typically a big resource hog in the cases I've seen. SA can be,
> although it seems to be quite fast on my setup. I guess I'm just lucky.
>
> I'd think about moving SA off to a different dedicated machine, but
> if there are network problems, this may serve to only slow things
> down further.
>
> > I'd also look towards something else being the problem, but he also
> > hasn't said in any real detail what the whole problem is...
>
> More details would be helpful. Then someone with real knowledge can
> chime in and help instead of me. =-)
>
> -Michael
>
> ---------------------------------------
> Sometimes your joy is the source of your smile, but sometimes your
> smile can be the source of your joy.
>                      --Thich Nhat Hanh
 

-- 
A gossip is one who talks to you about others, a bore is one who talks to
you about himself; and a brilliant conversationalist is one who talks to
you about yourself.
        -- Lisa Kirk



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] exim and iptablesRe: [exim] Not rejecting mail to postmaster in DATA acl?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)