[TriLUG] OT? - RR now blocking email from dynamic IPs...

[C.Magnus Hedemark]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Monday, June 16, 2003, at 01:38 PM, John Franklin wrote:

> Were I running their mail server, I'd like to see something like that 
> as well.  Considering how chronically overloaded their mail servers 
> are now, adding password authentication and encryption (SSL tunneling) 
> is hard to justify, especially when the servers are for residential 
> customers, connecting from home.  It's less load on the systems and 
> more inline with the class of service to just limit it to IP blocks.

Actually the overhead can be quite low if you employ the use of an 
inexpensive hardware crypto accelerator.  Soekris makes a PCI card for 
cheap that you can compile OpenSSL to use.  This pushes all of the 
crypto overhead off to a dedicated processor.  SSL session setup times 
are a bit lengthier but you can handle many many more connections with 
this bit of kit.

Handling a massive amount of incoming SMTP is not much of a problem, 
actually.  I suspect RR's problems have a lot more to do with pickup 
than delivery.  Of course if they had called me back after I responded 
to their sysadmin help wanted ad, I'd still be living back home in NC 
and RR would be able to handle obscene loads of SMTP traffic.  ;-)

Note that if any managers from AOL/TW see this, I'm still available, 
just more expensive these days. :)   (But I'm pretty experienced 
handling enough SMTP traffic to saturate 100Mbps pipe pretty easily, 
and if I get the disks I've been asking for I'll let you know if I can 
saturate a 1Gbps network with SMTP)

- --

Magnus Hedemark
"From the Fury of the Norsemen please Deliver us, Oh Lord"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)

iEYEARECAAYFAj7uBdgACgkQYPuF4Zq9lvYs3wCggzAXT5RmQs+zaY3YHG4ESBvW
UUsAn1oh1/DNMHDU/kEKPDWmkl/Pm9o6
=09aI
-----END PGP SIGNATURE-----