Server Loads/hardware standards - recommendations

Julian Field MailScanner at ecs.soton.ac.uk
Fri Oct 27 12:11:24 IST 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Glad you find greylisting to be useful, I certainly did.

The next thing for you to install is milter-null from
http://www.snertsoft.com/sendmail/milter-null/

This will kill all the "your message could not be delivered" messages 
you get hundreds of. Completely.


Mevershosting.nl wrote:
> I just want to say WOW, We installed greylisting yesterday and the load
> on all our relay servers is around 1% 
> the avarage was around 10% 
>
> This greylisting gets a lot of spam out, people that worry about the
> delay, i have the delay set to 30 seconds and it works great,
>
> Thanx Julian for this tip.
>
> Richard
> Mevers
>
> -----Oorspronkelijk bericht-----
> Van: Julian Field [mailto:MailScanner at ecs.soton.ac.uk]
> Verzonden: dinsdag 17 oktober 2006 21:29
> Aan: MailScanner discussion
> Onderwerp: Re: Server Loads/hardware standards - recommendations
>
>
>
>
> * PGP Bad Signature, Signed by an unverified key: 10/17/06 at 20:29:20
> * text/plain body
> * Julian Field <Jules at jules.fm>
> * 0x1415B654 - Unverified(L)
> * PGP Bad Signature, Signed by an unverified key: 10/17/06 at 20:29:20
>
> Scott Silva wrote:
>   
>> Michael Kain spake the following on 10/17/2006 9:52 AM:
>>   
>>     
>>> Recently, I've gone from handling 40k messages /day to nearly
>>>       
> 30k/hour. 
>   
>>> The change has surfaced in the last month or so.
>>>
>>> My current setup:
>>> Dual P3 1.13
>>> 1GB Ram
>>> FC5
>>>
>>> Mail gateway running MS/clam/SA forwards scanned mail to internal
>>>       
> mail
>   
>>> server (when there's a problem, users hit send/receive and that
>>>       
> doesn't
>   
>>> cause an error..thus avoiding immediate call) I've used Julian's
>>>       
> clam/sa
>   
>>> install script (which is awesome), and read posts relating to new
>>> releases before upgrading/such.
>>>
>>> With spamassassin enabled, the batch list grows and grows, was up to
>>>       
> 95k
>   
>>> at one point.. disabling SA in MS cleared that out fairly quickly.
>>>       
> I've
>   
>>> wiped the SA/bayes temp files thinking bayes was backing up, however,
>>>       
> it
>   
>>> seems that is not helping.
>>>
>>> What I would like an opinion on is this... Am I trying to do too much
>>> with the hardware that I currently have?  Or do I put together a
>>>       
> bigger
>   
>>> beefier machine?
>>>
>>> -Mike
>>>     
>>>       
> You can make a huge difference to the amount of spam you have to process
>
> with 2 tools:
>
> 1) milter-gris
> 2) milter-null
>
> Number 1 implements grey-listing. There are a lot of discussions about 
> greylisting on the web, and a lot of people are very wary of it 
> initially. I was too. Then I ran a test with a handful of the fussiest 
> email users I have (I've got about 2000 users in total). I told them I 
> was implementing something new, but refused to tell them what, so they 
> would not have any pre-conceptions about it. They *all* loved it, and 
> none of them reported any problems at all. So I implemented it across 
> all of my users, who are very fussy Computer Science and Electronics 
> academics, as well as the students. That was about 6 months ago, since 
> when I have had *1* complaint, which I dealt with by adding them to the 
> whitelist for it.
>
> So my conclusion with greylisting is test it with some very fussy users,
>
> then roll it out to everyone.
>
> Number 2 implements back-scatter detection. Basically, what this does is
>
> get rid of all the "This message could not be delivered..." notices that
>
> weren't generated in response to your own users' mail. It doesn't throw 
> away all of them, so that if your users mistype an address, they still 
> get the error message from it. But all the delivery failure messages 
> generated by forged spam get killed.
>
> Between these 2, you will remove 80-90% of all the mail coming into your
>
> site, without losing any genuine real mail at all. This will make your 
> hardware go a hell of a lot further, and you will find you don't need to
>
> spend any money on new hardware at all.
>
> My MX servers used to just about cope. Then I implemented these 2 
> techniques and they now just tick along quite happily, getting very
> bored.
>
> Both of the above techniques can be done very easily in sendmail and 
> Postfix using the milters which are available from www.snertsoft.com. I 
> thoroughly recommend them to everyone.
>
> Jules
>
>   

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.0 (Build 1112)
Comment: (pgp-secured)
Charset: ISO-8859-1

wj8DBQFFQeljEfZZRxQVtlQRAkbaAJ40bmP3Lr63v5JQBOIV3spTfHLAogCgjSLT
Dcqj3gALlYTEJfSN8NZz7s4=
=vym2
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk

More information about the MailScanner mailing list