Nmap Development mailing list archives
Mailing list performance fixed (I hope)
From: Fyodor <fyodor () insecure org>
Date: Thu, 14 May 2009 16:29:37 -0700
Hi All! I spent many hours over the last few days trying to to improve Mailman performance, which was severely bogged down. Messages requiring moderation (e.g. those from non-members) were taking 5+ hours to get through. Subscription attempts on the web site were failing (timeout). I tried a bunch of "solutions", such as cleaning up the Mailman queue file and data directories, removing held/bounce messages, restarting the whole server, etc. But I think the problem was that spammers were sending many thousands of messages per day to mailman-related addresses (e.g. nmap-hackers@, nmap-hackers-woner@, nmap-hackers-subscribe@, nmap-dev@, mailman@, etc.). For lists with tens of thousands of members, each such mail can take Mailman a long time to process just to check things such as whether the sender is an actual list member. Meanwhile, the flood of spam kept the list locked from other mailman-related processes such as moderation notices and subscription requests. I reconfigured the mail server (Postfix) so that it rejects RCPT to mailman-related addresses if the client is on the Spamhouse Exploits Block List (http://www.spamhaus.org/xbl/index.lasso) or SBL (http://www.spamhaus.org/sbl/index.lasso). In the last 12 hours, that has blocked 31,840 messages. Some of those would have been blocked by other mechanisms before, but many would have gone through and clogged mailman. !@#$!@# spammers!#@$!@#$ Anyway, let me know if you find anything broken WRT the mailing lists, mail server, web sites, SVN, etc. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Mailing list performance fixed (I hope) Fyodor (May 14)