Proposed system good enough for mailscanner?

ISP List isp-list at TULSACONNECT.COM
Thu May 30 20:43:56 IST 2002


At 02:54 PM 5/30/2002 -0400, you wrote:
>Hi all!
>
>I'm new to this mailing list and am looking for your advice.
>
>I've been charged with the task of finding an anti-virus/anti-spam
>solution for our ISP.
>
>We currently have 6 mail servers, each with 4000 to 10000 accounts.  I'd
>like to set up a SMTP gateway server to handling all inbound and outbound
>SMTP traffic.  The total SMTP traffic (inboudn + outbound) would be in the
>order of 700,000 messages per day.
>
>Which anti-virus software should I use for a service of this volume?
>
>Does any have any experience with a system of this size?
>
>I've currently spec'd out a server:
>
>Dual Athlon 1600+ MP
>1GB RAM
>35GB RAID 5 (Ulta-SCSI 160)
>
>I would be running Linux on this system.
>
>Anyone have any thoughts or comments?
>
>Thanks!
>
>-Rich

In general, anti-spam software tends to be CPU intensive more than disk I/O
intensive.  If you do RBL lookups, I would strongly suggest you get a local
copy of the RBL zones and do the lookups locally vs querying
remotely.  Anti-virus software does have some disk i/o requirements when
the attachments are large, but in general U160 or ATA/100 will be plenty
fast for this task.  I would throw out several of these boxes with equal MX
weights to distribute the load.  If you do RAID, do 0+1 rather than 5, as
R5 writes are expensive.  Also, consider FreeBSD instead of Linux as the
platform, as the "softupdates" feature unique to *BSD filesystems makes
mailservers fly.

What we do is run exim 4.04+MailScanner on FreeBSD with McAfee as the AV
scanner and SpamAssassin doing anti-spam.  These external relays are listed
as the highest priority MX for all of our domains.  exim queries a mysql
database for the allowed list of relay domains and if the message is
accepted is passed to the internal POP boxes (which never appear in the MX
records).  The system works out well.  The only downside is that mail send
from your users does not get scanned, only mail to your users.

--Mike



More information about the MailScanner mailing list