Stop inbound

Steve Campbell campbell at cnpapers.com
Thu Apr 21 19:48:07 IST 2005 

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

AP,

If you're concerned about an idle gateway, and these are your DNS MX boxes,
I think (?) you can set up your MX records to be equal priority with a short
TTL, thus creating a round-robin DNS.

Of course, this won't help if this attack is rapid and short lived, but it
may delegate some of the mail to the secondary alleviating some of the
primary load.

I could be wrong here. Please let the list correct me if so.

Steve Campbell
campbell at cnpapers.com
Charleston Newspapers




----- Original Message -----
From: "AP" <pearsoa at SUNBEAM.COM>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Thursday, April 21, 2005 10:52 AM
Subject: Stop inbound


> Hey Guys,
>
> Is there a way that I can shutdown the reception of mail to the inbound
> queue while still allowing MailScanner to process what's currently in the
> inbound queue and still allow the delivery of mail in the post-processing
> queue?
>
> I know that I could turn off port 25 on the Firewall to the specific mail
> gateway but I would like to do this on the Mail Gateway itself.
>
> Here's my reason.  We sometimes early in the mornings (3-4am) get directed
> SPAM attacks that loads up our primary mail gateway.  Our inbound queues
> can get quite large and the primary mail gateway will continue receiving
> the mail without regard to how large the inbound queue is getting.  We can
> sometimes get 3000-5000 messages in the inbound queue while our secondary
> mail gateway is practically idle.
>
> I was thinking that I could write a mailqin monitoring script that would
> poll the queue every 5 minutes and if it has reached some kind of
> threshold, say 500-1000 messages, it would then stop the receiving of
> inbound mail until MailScanner had processed the queue down to some
> minimum, say 100 messages, before it would start back the receiving of
> mail.  That way the secondary mail gateway would start taking on some of
> the load and we could avoid some of the message delays that we get because
> of the backlog.
>
> Our primary and secondary mail gateways are fairly heavy duty boxes,
Server
> class with dual hyper-threaded processors and lots of memory so it is not
> that the boxes are underpowered it's just that the secondary box is being
> under utilized.
>
> Any thoughts or suggestions would be welcome.  If there is a better way to
> handle this I would be interested to know.
>
> Thanks,
>
> AP
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list