Sendmail tweaks

Since the thread about MTAs brought up some of the usual wars, and I
happen to be managing a few sendmail servers (despite my affinity for
other MTAs): What is iit that you put in
your MC file and any other tweaks that you put in your cf file to "speed"
things up and manage queue sizes?

I don't have any of my old cf or mc files from the last time I ran a
couple production sendmail servers; and the current cf files seem to be
lacking the accompanying mc files.

In my cf files, here's what might speed up my delivery:

AliasWait at 10
MaxMessage size at 11M
DeliveryMode is background
Connection cache size is 2
Connection cache timeout is 5m
Check Aliases is false (which doesn't really do anything for
performance)
Privacy Options are the standard: noexpn, novrfy,authwarnings,
needmailhelo

SuperSafe is True.

I also have a few timeouts set that I'm not sure are of any use:
initial: 15s
connect: 15s
ident: 0
queuereturn: 12h
queuereturn.normal: 12h
queuewarn: 6h

Back off timeouts again:

DoubleBounces are sent to the bit bucket.
Max recipients is 100
Dead letter goes to bit bucket.

I've used QueueLA before, but it didnt' seem to 'queue' things so much as
'deny new messages'. So, I'm a bit leery of that (And no, I didn't
confuse it with RefuseLA).

I believe that this version of sendmail (8.13.7) includes milter support,
I'm interested in milters. I know they are the bees knees, the cat's
pajamas, but unfortunately, the most popular, and one I was dying to use -
Greylisting - is unusable since mail on the domain I'm worrying about uses
postini. So, mail goes to postini, postini sends it to us. I can grey list
all I want, but postini is still gonna send it. The same goes for IP
blacklisting, connection throttles to stop spammers, and the like.
Postini is *the* only way into the mail server - any other connections are
rejected. (I do understand that I could throttle connections, but it's
not going to stop say, a spammer - the mail is already spooled on postini,
so it WILL come, the only thing that throttling will do is delay any
incoming mail.)

As configured, sendmail already denies messages going to recipients that
don't exist; but because postini doesn't filter all mail (just ones that
are subscribed) a spam stomping milter that has a low false-positive rate
(since having someone on hand to do nothing but sort through messages
isn't useful) would also be good. And again: My only problem is I *am* on
solaris, and since glibc yhasn't been ported, any milter that is C/C++
that uses glibc is out of the question. Unless I want to port either
glibc, or the milter. Perl and python filters, while less desirable, are
acceptable.

So: if you have any tips, feel free to send them on. As I mentioned in
the other thread, I'm looking to move, but since this would be a LARGE
move, I have to make do with what I have until I have new servers built
and ready and a migration plan written out and tested. (Hey - if you have
migration plans... well.. post those, too).

I mostly need to get away fro mbox format, as mbox format is not NFS safe,
and the current "nfs safe" version of procmail wwe have is undesirable.

Feel free to bounce ideas, flame, whatever.

Adam
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Aug 29 15:49:05 2006