I have a customer that occasionally has a need to send a massive
amount of notification messages (500+) to their clients. This craters the
system during ACL-time virus scanning.
Rather than a specific solution (like looking at subject lines
before content scanning), I'd like a general solution if that's possble.
The idea is that for internal->external traffic, my customers would be ok
with delays.
I've tried using rate limting but without success. I'm seeing two
behaviors: During my modest tests of only 100 messages at a time, sometimes
enough processes make it under the initial rate detection to cause the load
to be too high on the system right off the bat. Other times, enough
messages are sent to cause the sender_rate to drop back and then enough
delays "sync" so that a similar amount of processes go off. I think I
understand the concept, but I'm sure I'm missing something. In my mail from
acl, I have the following:
check_mailfrom:
warn ratelimit = 1 / 2s / per_cmd / strict
delay = ${eval: ${sg{$sender_rate}{[.]}{}} / 3 }s
Another solution that I've thought of but am not sure is possible
with Exim is this: during ACL processing, is it possible to put messages
into the queue and during queue processing have it content scanned via the
ACLs? I'd see it acting as an accept and then during queue processing
discarding infected content.
Thanks,
Chris