Hello Craig,
Am 2007-03-21 07:48:00, schrieb Craig Sanders:
> i've got good performance in the past from a setup similar to that.
>
> i built a bunch of MX receivers which accepted all incoming mail,
I have a trouble with incoming messages since I receive arround 2.8
million legitim messages per day but at least 6.5 million SPAMS/VIRUSES.
I use the Courier suite. Please see my other message (seperated thread)
How do you have setup the MX-Servers correctly?
I have tried it using round robin but it does not work.
> processed it with amavisd-new/spamassassin/clamav, and then forwarded it
> on to the main mail server, which stored it in the users' mail spools.
This is what I like to do too and the Mailboxes are on NFS-Servers...
> we started off with 3 of these MX servers, but we could have scaled that
> up to as many as we needed. each was a machine with a fair amount of RAM
> and CPU power (for spamassassin - at the time, a P3 with 512M. today i'd
> use amd64s with at least 2GB), and the smallest disk we could buy at the
OK, I have only those AMD Opteron 256 with 8 GByte of memory.
> time (today i'd probably use the Gigabyte I-RAM battery-backed ram-disk
> PCI cards for /var/spool/postfix). these boxes also acted as outbound
Whats this? Link please!
> mail relay, doing spam/virus filtering on both inbound and outbound
> mail.
Price of this?
> the main server also ran pop and imap and acted as an outbound mail
> relay for the handful of users who complained about their outbound mail
> being spam/virus filtered. it also ran webmail. it had lots of CPU and
> RAM (can't remember exactly but it was dual processor, fastest available
> at the time, and 2GB of RAM - today i'd use multiple dual-core amd64s or
> better and 8GB or 16GB of RAM) and lots of scsi disk in a raid-5 array
> with hardware raid control (and battery backup of the cache). today i'd
> probably use lots of medium-sized (~ 300GB) SATA drives on a decent
> hardware-raid SATA controller (perhaps an adaptec 2820 or IBM ServeRaid
> - both use the aacraid driver).
I use 5 "courier-imap-ssl" servers for the IMAP-Users and 2 for Webmail
but having problems with the round robin... :-/
> our main load problem at the time was anti-spam/anti-virus processing of
> incoming mail, but the plan was to eventually add more servers to handle
> the pop/imap/webmail connections and leave the main mail server to be
> just NFS storage. i left the job before i got to implement that part of
> it.
This is what I think too...
> i used LVS to load-balance the incoming mail so that I had control over
I was serching my apt-cache but have nothing found on LVS...
Is there nothing in Debian?
> note: it is crucial that the MX receivers are able to verify that
> recipients exist *before* they accept mail (and 5xx reject mail for
> unknown recipients), otherwise they will become backscatter sources.
> that should be pretty easy with all your user account info in mysql.
Right this is waht I do too but additional VIRUS/SPAM filtering is
done on a External-Server! But, if my MX-Round-Robin would work, then
I can put, like you the VIRUS/SPAM-Filtering directly onto the MX.
> you may want to look into setting up a mysql cluster to replicate
> your accounts database - share the load, and good for redundancy.
> alternatively, move your account data into LDAP and run LDAP slaves on
> each of the MX boxes so they have a local copy of the account data.
I use libpam-pgsql amd libnss-pgsql with PostgreSQL 7.4 (will upgrade
to 8.2) for 17.000 users and do not find a bottleneck with it...
> oh yeah, of course use Maildir over NFS. not mbox. you can make mbox
> work over NFS but it's not worth the trouble. easier to go with Maildir.
:-)
> using Maildir means using a filesystem that doesn't crap out with lots
> of files in a directory. i.e. not ext2 or ext3. i like XFS as a good,
> general purpose, robust file-system with many years of testing and
> real-world deployment behind it. reiserfs is too experimental and has
> had too many problems (and too many instances where upgrades weren't
> backwards compatible with previous versions) to trust on production
> servers.
I use ext3 since many years without any problems, even
with sometimes over 100.000 messages in a folder.
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSN LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Attachment:
signature.pgp
Description: Digital signature