From owner-freebsd-isp@FreeBSD.ORG Wed Feb 23 12:24:27 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D66616A4CE for ; Wed, 23 Feb 2005 12:24:27 +0000 (GMT) Received: from obh.snafu.de (obh.snafu.de [213.73.92.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6338043D1D for ; Wed, 23 Feb 2005 12:24:26 +0000 (GMT) (envelope-from ob@gruft.de) Received: from ob by obh.snafu.de with local (Exim 4.44 (FreeBSD)) id 1D3vZ3-0006OS-Bk for freebsd-isp@freebsd.org; Wed, 23 Feb 2005 13:24:25 +0100 Date: Wed, 23 Feb 2005 13:24:25 +0100 From: Oliver Brandmueller To: freebsd-isp@freebsd.org Message-ID: <20050223122425.GB96675@e-Gitt.NET> References: <20050223110037.177AB43D2F@mx1.FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline In-Reply-To: <20050223110037.177AB43D2F@mx1.FreeBSD.org> User-Agent: Mutt/1.5.8i Sender: Oliver Brandmueller Subject: Re: SpamAssassian with FreeBSD and Big Mail Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Feb 2005 12:24:27 -0000 Hi. On Wed, Feb 23, 2005 at 01:01:14PM +0200, Vahric MUHTARYAN wrote: > Really I don't know can I say a big mail server which have > 30,000 mailbox on it 1200+ simultaneously connections (pop,smtp,webmail). > ?ncoming smtp connections are between 200-400 . We want to run spam software > on it but machine can't handle it for this reason we seperated machine > freebsd+exim+SpamAssassian but on 400 connection machine goes down average > is very high , cpu usage really too high . > > I want to learn Anybody Who have closer or bigger system and > using SpamAssassian ?! > Really this 400 connection simultaneously can be limit for spam software ?! > I mean Anybody can handle more ?! > I have to design distributed environment ?! > > My Hardware is (for spam) > 2 X PIII 1G + 1 GB RAM + 2 DISK RAID 0 SCSI 10000 RPM You don't tell us, how you use SpamAssassin currently. If you use spamd for connection time checking by exiscan keep in mind, that each mail connection lasts longer, so you need a lot more filedescriptors than before on the machine with the MTA! I'm currently using amavisd-new (want to go away from that, it's eating too much resources) on 4 loadbalanced Dual Xeon machines. We scan for spam and viruses. Each of the machines is able to filter about 400.000 mails per day, given that you have peak times and ow traffic times. (RAID 10 over 4 10krpm disks on hardware RAID, dual Xeon 2.4 GHz, 2 GB RAM/each machine). spamd itelf won't need so many resources as amavisd-new (this is a legacy setup). SpamAssassin needs a lot of RAM. Also keep in mind, that usually you are asking different nameservers for blacklists and stuff like that. That means, that filtering an e-mail takes a certain time, no matter how fast your system is. Dual P3 1 GHz and nly 1 Gig of RAM looks pretty much like a bottleneck to me, even without all the amavisd overhead. Have a look at "top", at "systat -vmstat", "iostat -d 1" and such, to get a clue, if your processors are too slow (only little I/O, enough free memory, 0 idle time over long periods), if you are lacking RAM (few free memory, lot's of I/O) or if you have an I/O problem (a lot of processor idle time, but the disks having >>400 ios per second all the time). My Spam filters are not quite the same as your, as the still have their MTA, do virus checking and have queues, so they need a lot of IO anyways. The don't have swap space: as soon as they start swapping, things get worse, becuse there's too much disk io and they get very slow. So have a look at your swap space. Are you using Swap at all? When th machines get loaded, do they start swapping very hard? That'd probably kill them. Another thing: using RAID 0 is VERY RISKY in any mail environment. RAID (especially in this case) is not so much about data security (if the spamd breaks the connection, the mail is still not lost), but about availability. You are close to the edge in your environment. one disk breaking would mean hours (if not days!) without accepting mails or without filtering. I would really think that over. - Oliver -- | Oliver Brandmueller | Offenbacher Str. 1 | Germany D-14197 Berlin | | Fon +49-172-3130856 | Fax +49-172-3145027 | WWW: http://the.addict.de/ | | Ich bin das Internet. Sowahr ich Gott helfe. | | Eine gewerbliche Nutzung aller enthaltenen Adressen ist nicht gestattet! |