postfix, spamassassin and spam ~ blocking cable and adsl modems
We seem to be, being hit with in excess of 12,000 spam emails per day from adsl and cable modems in the US alone. Then we get brute force attacked....the server at times gets somewhat stretched...
What would ppl suggest it the most efficient way to block such addresses?
I cannot simply block entire class B's and blocking individual IPs will probably get out of date...
I do not really want to process the email, I want to decrease the load on spam assassin by stopping the initial connect.
By analysin the mails I am finding they are all spam.... so I want to block say strings like dsl.xxxx.swbell.com....
access list?
IPtables rule?
What would be most efficient?
The goal here is to minimise disk i/o as that is the item being stretched, iostat -x 5 shows over 450% utilisation.....delays are geting to 4+ hours...and they bitch if its over 5 minutes....
I have 4 cpu's and spare capacity on these and I am only using 2.5 gig out of 4gig of ram so have spare here....the box only processes incoming smtp only, outgoing takes another route.....
At present I am running ext3 on the logging and spool directories but considering reiserFS, a good idea?
Also I am aiming to get more disks as I ahve only 2, so I can either raid 0 over the 3 new disks or split the queues....to 3 disks, which might be better?
Would a scsi hwraid based cache controller be worth it?
If I raid 0 what stripe size would be a good starting point with ReiserFS?
advice appreciated...
regards
Thing
Reply to: