5.2.1 with 40000 virus scanned mails / day on Dell
jk at jk.homeunix.net
Wed Jun 23 14:32:05 PDT 2004
On Wed, Jun 23, 2004 at 05:45:18PM +0200, Karl M. Joch wrote:
> I need to setup 3 servers on different locations as mail gateway with
> about 40k mail per day each. the servers runs MailScanner, Clamav and
> Spamassassin. The customer has Dell hardware and only buys Dell hardware.
I've got a couple of 2650s (2x2.4GHz and 2x3GHz Xeons) doing that fairly
well. It is front-ending ~30K email accounts.
> Has anybody experience with Dell servers which runs under FreeBSD. I
> think about systems with Dual Xeon 3.0, 4 GB Ram and fast SCSI Hot Plug
> Raid 5 which should be strong enough to handle that amount of mails
> forwarding them to a Notes server.
We're running 5.2.1 (-p8 now), mostly for the bge0 support (at the time,
4.9+ wasn't recognizing the built-in Broadcom BCM5703 Gigabit Ethernet).
We're also running with HT, and since it passed the initial stress testing
we decided to go with it.
We end up with ~100K emails per day, and we manage to keep up. When the
spammers are normal, things are Ok, but every now and then one decides to
totally bomb us and we'll end up with queues 40K-75K deep that'll take half
a day to clear. 95% of the time that is totally fine, but 5% of the time
(not real statistics) we get tied to the anvil and tossed into the deep end
of the pool and we wanted the extra pony-power. We've spent a long time
and have a lot of students over the years one the one machine so we get hit
with a lot of email for people that aren't here anymore, which can act to
increase the user-count if you're not careful.
Typical CPU utilization is generally low, so we don't end up CPU bound
unless we get bombed (and then the load gets up into the 6-7 range).
I don't think that disk I/O ends up being a big factor, but we have 2G of
RAM in those to try and keep things in cache and that certainly works
pretty good for us. We tend to have ~10K of bogus unreturnable-to-sender
spam backlogged and that can cause the queue-runners to pile up, and the
mailscanner perl processes with clamav+spamassassin in them are huge.
This is not a mail-server, it is only a MX so unless we're backlogged
we're probably running out of cache on not really hitting the disk much.
My $.02: Anytime you act as a MX relay, be sure you have some way of
knowing what are legitimate users or not so you can give the smaller the
5xx permanent failure messages rather then 4xx (or accepting, then trying
to bounce email to bogus addresses). You'll save yourself a lot of
busywork that way and you're server will scale better.
More information about the freebsd-stable