On 2/4/2010 9:09 AM, Simon Billis wrote: > Hi, >>> I would question how "real time" that would be for every email for >> 6k+ >>> domains. If a few have a large client base, or are expecting >> responses >>> from a mass emailing, it might start to take a *while*, unless you've >> got >>> pretty heavy duty equipment and networking. >> >> It's the same thing the downstream server is going to have to repeat in >> just a >> moment anyway, but this time it doesn't have to do the other steps. If >> you are >> close to capacity already it might push you over the edge - and be >> worth >> scripting a way to maintain that frontend virtuser table that makes it >> a >> near-instant hash lookup for the relay sendmail. But for the relay it >> will be a >> win either way to avoid the much heavier load of spam-scanning stuff to >> invalid >> recipients and making the downstream servers construct bounces. > > I hadn't looked at it like that, you may be right, the reduction in scanning > may provide enough capacity to handle the additional workload from perl. I > think that I would prefer to have sendmail do the "rcpt to:" rejection > utilising a map as this I think will be the fastest method, so I'll check > out the virtusertable approach. I recommend MimeDefang in any case because it uses a very efficient multiplexing technique to let sendmail interleave fast/slow operations with a minimum of long-running perl processes doing the milter operations - and since spamassassin is perl it runs it internally. See page 31 of this pdf: http://www.mimedefang.org/static/mimedefang-lisa04.pdf. And, it lets you control most things in a small chunk of perl instead of fighting with sendmail. There are RPMs for it and clamav at rpmforge. But, even with MimeDefang it will help to reject everything you can up front. To use virtusertable you have to add the domains you accept for to the local_host_names - which may then require some tweaking to arrange actual delivery, perhaps through mailertable if you aren't already mapping to some other internal host's A record name. Then you can do things like: # make domain2.com equivalent to domain1.com @domain2.com %1%3@xxxxxxxxxxx # reject domain3.com (might be a CNAME that inherits the MX) @domain3.com error:nouser No such user here # accept known addresses for domain1.com and set internal target realuser1@xxxxxxxxxxx realuser1@xxxxxxxxxxxxxxxx realuser2@xxxxxxxxxxx realuser2@xxxxxxxxxxxxxxxx # reject anything else for domain1.com @domain3.com error:nouser No such user here -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos