From owner-freebsd-questions@FreeBSD.ORG Thu Dec 8 00:19:03 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A921516A41F for ; Thu, 8 Dec 2005 00:19:03 +0000 (GMT) (envelope-from jdow@earthlink.net) Received: from smtpauth01.mail.atl.earthlink.net (smtpauth01.mail.atl.earthlink.net [209.86.89.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 88EDA43D73 for ; Thu, 8 Dec 2005 00:18:50 +0000 (GMT) (envelope-from jdow@earthlink.net) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=e592WB3Alc3nildX7StgApTpVEwUZTBs39lix1scJvZ8N7SxPUHu6SBN0pFuNnP6; h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP; Received: from [71.116.179.184] (helo=kittycat) by smtpauth01.mail.atl.earthlink.net with asmtp (Exim 4.34) id 1Ek9Ud-0006Xq-12; Wed, 07 Dec 2005 19:18:39 -0500 Message-ID: <04e401c5fb8c$ef3c5930$1225a8c0@kittycat> From: "jdow" To: "Vahric MUHTARYAN" , References: <200512071850.1eK93919y3Nl34b0@mx-clapper.atl.sa.earthlink.net> Date: Wed, 7 Dec 2005 16:18:36 -0800 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2670 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 X-ELNK-Trace: bb89ecdb26a8f9f24d2b10475b571120dd0c43daa6f88f2245055754c836c5c6425eb2f8038ba5fe350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 71.116.179.184 Cc: Subject: Re: hardening FreeBSD for Spamassassin X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Dec 2005 00:19:03 -0000 You are going to have to trim numbers of messages before you get to SpamAssassin, I am afraid. Is this number after any greylisting you may have operational? If not then do look into greylisting. It is a very powerful technique to prefilter your incoming email at the connection level. If the address is recognize the email is received immediately. If it is not recognized the email is "temporarily failed". Currently spammers do not retry in such cases. So at least for now this will be a very effective tool to trim down the number of messages your SpamAssassin install has to filter. You will have to trim the number of rule sets you use to a bare minimum. They do take time to run. If I extrapolate my system's usage and configuration to a 4 processor 3GHz level machine I am still about an order of magnitude shy of your requirements as I am currently configured. So the level of rules trimming would be daunting indeed. (But at least I have not missed a genuine spam detection in two weeks now. And I've only had about 5 very spammy looking kernel mailing list type messages that false alarmed. It is hard to deal with filtering lists that just look like spam and do not filter incoming messages. {^_-}) As for trimming FreeBSD to a minimum the usual litanies exist, do not start any services you do not need. One BIG hog in this regard, obviously, is X11. If it is not absolutely needed don't start it. You should not even have it on the system. Only you know if nfs is required in your setup or not, of course. So you must make the assessment of "is this needed" for yourself. With four gigabytes of ram and (only) four processors you're probably not memory limited on a CPU intensive operation. So kernel trimming is probably not going to be a high benefit process, at a guess. Oh yes, one thing you DO want to run is your own DNS server implementation of the "SURBL" lists. That volume of email quite justifies requesting Jeff allow you to download his database to your machine periodically. That will GREATLY speed up the DNS tests, of course. You might check this out at http://www.surl.org/. Jeff's a good fellow with a STRONG "no collateral damage" ethic. Go for greylisting first then Jeff's database downloads. {^_^} ----- Original Message ----- From: "Vahric MUHTARYAN" > Thanks Joanne , > > Exactly I red Spamassassin FAQ and they said that 20-30 MB memory > must for each child process also iowait and CPU is really important but > mailn purpose is RAM, you are right ... > > And sorry I heared but I did not use exactly spamc & spamd , also I > will care about your words and advise about mailing list , but my questions > is not fully How fast can I run SA , my question is get out something from > FreeBSD which is not need for only SA run on system, I mean optimizing > system for only special works , maybe more little kernel , maybe it looks > like freebsd from screch (I think wrong word )...or maybe How can I > optimize and have more small and faster running FreeBSD OS ... > > And I want to handle 130,000 mail/hour with using 2 or 4 P4 server > with raid1 and 2 or 4 gb ram . > > Thanks again :) > Vahric