Guardian Digital Inc. >
InfoCenter >
Mailing List Archives >
Amavis
Amavis Mailing List Archive
Max,
> My questions relates to strategies and options for scaling Amavisd-new in a
> postfix environment. I have read (and deployed) various options such as
> separating the postfix instances from amavisd-new onto separate machines,
> scaling these machines with the introduction of a load balancer, etc...
> However, the raw performance of postfix will always beat out amavisd-new
> given the same hardware.
True.
> Sendmail's milter interface allows the policy server to exist on a separate
> machine with a client socket connection. Clamav and SpamAssassin both
> support TCP/IP based client/server connections for virus and spam scanning.
So does the amavisd-new. It uses SMTP protocol, while spamc/spamd
uses a proprietary protocol, and sendmail uses its milter protocol.
Same thing - a file needs to be somehow transferred to the machine
on which it is going to be checked. There are no big differences there,
and compared top SA processing, the transfer does not take that long.
> So now my questions...
>
> - What is the current roadmap/future strategy with integration with
> Postfix. Will there be a tighter coupling of the two with a milterish
> interface, or will the preferred configuration always be a smtp/lmtp proxy?
For the moment I have no other plans but to continue with the smtp/lmtp
protocol. It thinks it covers all our present needs and its speed is not
a cause of immediate concern. To speed it up a little bit, perhaps the
smtp chunking and pipelining can be put to good use.
> - Is it possible/advisable to run spamd/clamd on external machines
> dedicated to these processes and connect via TCP for these routines (I am
> assuming that this would not work with spamassassin given the internals of
> the routines)?
The performance should be pretty much the same as the current preferred
amavisd-new/Postfix setup.
> - Postfix will not load balance transport maps, outside of using a load
> balancer (either hardware or software) or mx/dns round robin, is there
> another approach to load balance the amavisd-new instance?
Hm, I don't know. Looks like a question for the Postfix list.
I always lived under the impression that transport map (and content_filter)
can use multiple MX or A records for load balancing.
> - At some point the capacity of a single amavisd-new instance is reached
> (my cap seems to be 25 child processes on a dual 3Ghz machine). Is there
> another option to scaling, or is there a better approach to make the system
> more efficient than just adding more machines?
Probably not, apart from putting Bayes on SQL and providing a nearby
caching DNS server (not necessarily on the same machine).
If using DCC, use the server variant.
Mark
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
|
....