This tutorial was great... i have configured a mail server to the dot, and it works as expected. But i have a few questions *I tested sending a zip file with a virus in it, and the email was deleted with no confirmation or any email sent to the recipient explaining what had happened. Will this be ClamAV? I wasn't sure what logs to check, i couldn't find anything related to the deletion of the email... It would be ideal if this sent a notification message of some sort. *Is there some way to monitor spamassassin/clamav - statistics to break down who is getting spam, etc... I guess there needs to be some way to track messages or something.
Another thing i've noticed is, there is a fair delay between sending and actually receiving the message even when I send from another mail server within our local network. It seems to be able to deliver up to 8 per minute. Is this because the antivirus / spamassassin scanning? Now 6-8 emails a minute is fairly slow. I just sent 50 to our other server (much older, but running Windows with Symantec Mail security) and that processed all 40 and moved them into my mailbox for delivery in under a minute. Is this normal for the security this setup has? Or is there something wrong here
Check the mail log. MAybe you can configure the notofications in amavisd. Have a look at /etc/amavisd.conf. Check out mailgraph and pflogsumm: http://people.ee.ethz.ch/~dws/software/mailgraph/ http://jimsun.linxnet.com/postfix_contrib.html Depends on your hardware. The slowest part is amavisd which is written in Perl.
Its not the most amazing hardware: Compaq Proliant ML530 (two 1GHz Pentium III Xeon processors), 640mb of ram(this will be increased, probably needs to be), RAID 5 across 5 hard drives. I would have thought this would be enough. The graphs munin has put out show that the cpu load hasn't gone above about 3%. It looks like memory is fairly well used however...
Came back in the morning and found these in the mail.log: May 17 09:04:42 localhost amavis[6933]: (06933-02) lookup_sql: 2006, MySQL server has gone away May 17 09:04:42 localhost amavis[6933]: (06933-02) NOTICE: Disconnected from SQL server May 17 09:04:42 localhost amavis[6933]: (06933-02) TROUBLE in check_mail: creating_partsdir FAILED: DBD::mysql::st execute failed: MySQL server has gone away$ May 17 09:04:42 localhost amavis[6933]: (06933-02) PRESERVING EVIDENCE in /var/lib/amavis/amavis-20060516T163311-0693
I removed the two lines from the postfix config file main.cf that ties in amavis etc: content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings And the speed increased 10 fold, so amavis-new is obviously causing the slow down.
hmmm..... now all mail just sits in the queue with this. I have not been able to sort out what it is so far. I installed a few perl modules and things that were required by that monitoring software Falko linked. Anyone know what this means? 2EF605141EF 9603 Wed May 17 13:08:28 sender@domain (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=04900-01, decoding2-get-file-types FAILED: 'file' utility (/usr/bin/file) failed, status=1 (256 ) at /usr/sbin/amavisd-new line 3853. (in reply to end of DATA command)) recipient@domain in the mail.log is: May 17 13:42:41 localhost amavis[2435]: (02430-01) run_command: child process [2435] failed to exec /usr/bin/file /var/lib/amavis/amavis-20060517T134241-0243$ May 17 13:42:41 localhost amavis[2430]: (02430-01) TROUBLE in check_mail: decoding2-get-file-types FAILED: 'file' utility (/usr/bin/file) failed, status=1 (2$ May 17 13:42:41 localhost amavis[2430]: (02430-01) PRESERVING EVIDENCE in /var/lib/amavis/amavis-20060517T134241-02430 So I ran this in the command line: /var/lib/amavis/amavis-20060517T134241-02430/email.txt and got this response: /var/lib/amavis/amavis-20060517T134241-02430/email.txt: RFC 822 mail text It would seem this does work
The error I Outlined in my previous two posts is fixed.. but the speed issue is still at odds with me. To fix the error I described - I installed CPAN, and then installed Net::Server using CPAN. This installed a newer version of Net::Server than the Debian version (0.93 instead of 0.90). The version can be checked with: perl -MNet::Server -e 'print "$Net::Server::VERSION\n";' and the old version resintalled with: cd /usr/local/src wget http://search.cpan.org/CPAN/authors/id/R/RH/RHANDOM/Net-Server-0.90.tar.gz tar xzvf Net-Server-0.90.tar.gz cd Net-Server-0.90 perl Makefile.PL make && make test && make install
I have narrowed the incredible slowness down to the anti-spam. When I uncomment this: #@bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code from the amavis.conf if I fire 200 emails at the server is sends them out within minutes... if that is enabled it could take 20 -30 minutes. The interesting thing is the load just doesn't seem to be that bad on the server. Watching top whilst this is happening, I don't see memory load going above half the available. CPU usage tipped out at about 10%.