On 26/10/10 12:10, B. Alexander wrote:
Hi all, I figured I would ask for a sanity check here. I'm looking to replace my internal mail server. Right now, I'm running Zimbra 5.0.x, but I have always run on the low end of the hardware requirements, and now, the box I am running on (2.4 GHz P4, 1GB RAM) is being beaten to death by java in zimbra. Load average always hovers between 3 and 6. Now the mail server, since Comcast blocked port 25, is mainly used for internal monitor/security messages, like ossec and opsview, apticron messages, etc. So I was looking to set up an OpenVZ container, probably sid, as a mailserver with the following: * postfix * dovecot * spamassassin (in case I ever decide to work around the port 25 block) * roundcube for webmail Anyone got any suggestons? Either anything I'm missing or packages that work better?
I've never had trouble with the Debian default of exim4, so I've never looked around for a replacement. I picked Courier IMAP several years ago, and again have never seen a reason to move. I use webmail only occasionally, so the aesthetics of SquirrelMail are not a problem.
I have tried spamassassin, but as others have said, it's a bit of a hog. Or it was when I last ran it, several years ago now. These days I use no subject or content checking at all, just a few SMTP-level tests in addition to exim4's standard DNS and sender checks. It checks just under 3000 blacklisted CIDR blocks, refuses about 20 country codes in HELO and PTR strings, attempts to recognise dynamic IP addresses from the same strings and refuses two or three particularly egregious foreign ISPs. I assume postfix will do the same kind of thing.
The email address at the top of this post is genuine, and has existed for over twelve years on the same fixed IP address. I therefore get between 2500 and 5000 SMTP connection attempts a day, of which about 100 are genuine. An average of about 1.5 spams a day make it through to my Inbox, and Icedove spots almost all of them. That's for a couple of seconds of exim4 run time a day, on a dual-2.8G CPU machine with half a gig of RAM. To be honest, the CIDR block checking is a bit of a hobby of mine, and only accounts for about half a dozen spams a day, while the DNS check alone kills about 40% of them and takes a fraction of the time.
My ISP uses a commercial anti-spam service, and I check the webmail for that domain every couple of weeks or so to avoid innocent people getting NDR spam, and without any doubt, exim4 does a far better job than their service.
-- Joe