Amit pretty much took care of the problem by introducing the Mail::Audit code, but the introduction of the additional modules more than doubled the CPU usage, so I backed it out. We've definitely got more CPU to burn now, but I've still been too scared to turn it back on. Maybe there's a way to cut down on the amount of code that gets loaded -- I really doubt that the Mail::Audit code that we're *using* is causing the CPU load - I'll bet instead its just the dependencies and all the compilation that's required.
In another vein, there may be an alternative approach altogether -- I was reading the tdma.net setup instructions and noticed this:
MTA Configuration (Sendmail)
Gripes
1. The main difficulty with using TMDA under Sendmail, is that Sendmail does not set any of the required environment variables as the other supported MTAs do. In fact, as hard as this is to believe, Sendmail does not provide any envelope recipient information to commands run from a .forward file. In today's complex mail environments, full envelope information in user-space is essential to support advanced applications such as TMDA. It's not an accident why all the other supported MTAs do this; it's a good idea!
If you are stuck with Sendmail and find this deficiency as troubling as I do, you might consider sending a feature request to the Sendmail developers asking that the full envelope information be made available to .forward invoked programs in the form of environment variables (SENDER, RECIPIENT, and EXTENSION). This should be done regardless of whether the Sendmail installation has procmail configured as its local mailer or not.
I feel sort remiss in all this -- what they're saying, of course, is that the other supported mail servers *do* supply environment variables that indicate the sender and the recipient (yes, it's late 2003, and we've been doing this for three years ). Anyway, it might be good to look at this, too.