The problem is the MIRVs. A lot of mail gets addressed to thereto@stonehenge, barney@stonehenge, merlyn@stonehenge, for about 10 addresses. And this type of spam seems to have greatly increased in the past few months. A burst would come in, and for the next two minutes, I was splitting and forking and SpamAssassin-ing, and loadav would hit 3 or so, and my sublease customers were complaining.
So yesterday, I bit the bullet, and learned about Amavisd, a Perl daemon built around Net::Server, that could pull in SpamAssassin and some virus checkers. I carefully read the "README.postfix" file included in the distro, and set up everything.
Wow, what a difference. Now my postfix/amavisd MTA checks for spam once for the MIRVs, without forking, instead of 10 times with a lot of forking going on. My loadav has never exceeded 0.9! Hooray. Success.
I'm getting about 1 MIRV a minute. Ouch.
My only concern is that the amavisd is started and stopped outside the normal postfix engine, so I'm concerned about what happens when it goes down. (Postfix will just stop, but I won't be around to notice.) I'm thinking of a cronjob entry to just keep restarting it every half hour or so, just in case it fries.