Proposed system good enough for mailscanner?

Youn Gonzales ispmgr at CLAS.NET
Thu May 30 20:56:50 IST 2002


    Simply redirect port 25 on your real mail host to your MX hosts and your
mail from your users will get scanned too..


Youn Gonzales
System Administrator
Comptia A+, Network+, INET+,
Cisco CCNA/CCDA Certified Technician
Microsoft Certified Professional

The basic tool for the manipulation of reality is the manipulation of words.
If you can control the meaning of words, you can control the people who must
use the words. Philip K. Dick

----- Original Message -----
From: "ISP List" <isp-list at TULSACONNECT.COM>
Sent: Thursday, May 30, 2002 2:43 PM
Subject: Re: Proposed system good enough for mailscanner?

> At 02:54 PM 5/30/2002 -0400, you wrote:
> >Hi all!
> >
> >I'm new to this mailing list and am looking for your advice.
> >
> >I've been charged with the task of finding an anti-virus/anti-spam
> >solution for our ISP.
> >
> >We currently have 6 mail servers, each with 4000 to 10000 accounts.  I'd
> >like to set up a SMTP gateway server to handling all inbound and outbound
> >SMTP traffic.  The total SMTP traffic (inboudn + outbound) would be in
> >order of 700,000 messages per day.
> >
> >Which anti-virus software should I use for a service of this volume?
> >
> >Does any have any experience with a system of this size?
> >
> >I've currently spec'd out a server:
> >
> >Dual Athlon 1600+ MP
> >1GB RAM
> >35GB RAID 5 (Ulta-SCSI 160)
> >
> >I would be running Linux on this system.
> >
> >Anyone have any thoughts or comments?
> >
> >Thanks!
> >
> >-Rich
> In general, anti-spam software tends to be CPU intensive more than disk
> intensive.  If you do RBL lookups, I would strongly suggest you get a
> copy of the RBL zones and do the lookups locally vs querying
> remotely.  Anti-virus software does have some disk i/o requirements when
> the attachments are large, but in general U160 or ATA/100 will be plenty
> fast for this task.  I would throw out several of these boxes with equal
> weights to distribute the load.  If you do RAID, do 0+1 rather than 5, as
> R5 writes are expensive.  Also, consider FreeBSD instead of Linux as the
> platform, as the "softupdates" feature unique to *BSD filesystems makes
> mailservers fly.
> What we do is run exim 4.04+MailScanner on FreeBSD with McAfee as the AV
> scanner and SpamAssassin doing anti-spam.  These external relays are
> as the highest priority MX for all of our domains.  exim queries a mysql
> database for the allowed list of relay domains and if the message is
> accepted is passed to the internal POP boxes (which never appear in the MX
> records).  The system works out well.  The only downside is that mail send
> from your users does not get scanned, only mail to your users.
> --Mike

More information about the MailScanner mailing list