[TriLUG] mailing list server filtering setup questions

Cristóbal Palmer cristobalpalmer at gmail.com
Thu Dec 20 15:08:30 EST 2007


Firstly, thanks for your thoughtful and detailed responses.

On Dec 20, 2007 1:41 PM, Michael Hrivnak <mhrivnak at hrivnak.org> wrote:
> As others have said, spammers often relay through the lower priority mail
> handlers in hopes that there is less filtering.

Yep. I get it now. Gonna make it unaccessible from the outside world
as soon as that's feasible.

> My primary concern with your plan is the need to failover into no filtering.
> If you don't trust your filter relay to be a reliable machine, you really
> shouldn't be using it.

One of the hazards of running on donated hardware. This is why I like
to ask questions here: airing ideas reveals the faulty assumptions or
bad rationalizations.

> As for hardware, I'm handling 10-12k messages per day on an Athlon XP 2500+
> with spamassassin and clamav.  For performance, it helps to use spamd and
> clamd.  The machine you describe is major overkill for 860 messages/day.

That's valid list posts, ie. inbound messages that mailman decided to
say, "yes this is a valid post to a valid list; I'll send it out."
There are about 40k smtp transactions per weekday. I should probably
dig more into the logs to get an accurate sense of the volume of spam
that the filter(s) will have to deal with.

> I have a postfix gateway in production very similar to the one I suggest for
> your situation, and I am happy to offer more specific help on how to get
> yours going.

Great! I'll be sure to post back if I run into specific trouble. I'm
hearing several people mention clamav and fewer mention amavisd. Shall
I limit myself to postfix, some greylisting daemon (which?),
spamassassin, and clamav? Anything else this machine should be doing?

> When you are satisfied that they work, then you can change your DNS records
> to put them in production.

That's about what I was thinking, but part of me would like to figure
out how to test what sort of load the setup can/should handle. If it's
going to fail, I'd like to have a good sense of which way it will
fall. :)

Again, thanks so much for the comments!

Cheers,
-- 
Cristóbal M. Palmer
celebrating 15 years of sunsite/metalab/ibiblio:
http://tinyurl.com/2o8hj4


More information about the TriLUG mailing list