Tiger Mountain Technologies

Technical support bbs for Tiger Mountain Technologies and LewisCounty.com
http://bbs.lewiscounty.com/phpBB3/

Mail delay related to virus scanner

http://bbs.lewiscounty.com/phpBB3/viewtopic.php?f=1&t=137

Page 1 of 1

Mail delay related to virus scanner

PostPosted: Wed Apr 06, 2005 11:13 am
by forhire
It appears that our e-mail virus scanner is working overtime attempting to spool some e-mail. I restarted the daemon about a half hour ago to force the mailer to deliver the spooled e-mail. At present there is about 400 megs worth of mail to be pushed to the pop3 server. The server is running at about 90% cpu usage and I expect it may be a few hours before the complete spool is fed out.

I'm not sure what has caused the delay. We normally process serveral gigs worth of mail per day so 400 megs doesn't appear to be a lot.

PostPosted: Wed Apr 06, 2005 12:44 pm
by forhire
I have found that an infected host was sending a TON of e-mails. We have blocked myw-stp-196-34-112-248.sentechsa.net[196.34.112.248] pending removal of their infection. Since 5:00 AM to 10:00 AM the infected machine loaded up our mail scanner with 64210 messages to process.

PostPosted: Wed Apr 06, 2005 2:58 pm
by forhire
I wrote a script to delete the bogus messages that remained in the spool. Of the 64120 messages I was able to purge 8230 messages. This should help with the load. I'm working on the new script to purge any remain bogus mails that have been scanned already.

PostPosted: Wed Apr 06, 2005 3:06 pm
by forhire
I have purge an additional 8460 garbage messages.

PostPosted: Wed Apr 06, 2005 3:24 pm
by forhire
We're making progress. In the last few minutes since purging the 16,000 or so garbage messages we have delivered about 100 megs worth of mail. We still have about 400 megs waiting in the spool but we are finally seeing a positive delivery rate. At this rate we should finally finish in an hour or two.

PostPosted: Wed Apr 06, 2005 3:43 pm
by forhire
Purged another 5063 garbage bounce e-mails. This should speed delivery more.

PostPosted: Wed Apr 06, 2005 3:50 pm
by forhire
Further worked my script and purged another 5134 garbage messages.

PostPosted: Wed Apr 06, 2005 3:55 pm
by forhire
So far I have purged 26,887 of the remaining garbage e-mails. This certainly cuts down on the delivery-bounce loop that was taking so many cpu cycles. At present I still have 343 megs remaining to be delivered. These are all most likely valid e-mails.

PostPosted: Wed Apr 06, 2005 5:23 pm
by forhire
All the messages have been moved from the antivirus server to the main mail server (pop3.lewiscounty.com). At present the there are 320 megs worth of mail waiting to be scanned by spamassassin and delivered to their final destination. My personal mail is beginning to trickel in. This should happen faster than on the virus scanning server as it has more processors.

PostPosted: Wed Apr 06, 2005 6:47 pm
by forhire
After some coaxing we're finally beginning to see the mail spool feed out into the mail boxes. The waiting spool has finally dropped below 300 megs.

PostPosted: Wed Apr 06, 2005 8:05 pm
by forhire
All mail has been delivered. Fixed.
All times are UTC - 8 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/