My homework is: 1. Install and configure dnscache. 2. Look into RBL at the MTA. 3. Begin to investigate user authentication at the MTA.
Some questions, 1. Does anyone have an opinion as to what RBL to contact? I know there are quite a few. 2. Once this is in place should I re-activate pzyor, dcc or razor? Is one better than the other? Are there advantages to either? -----Original Message----- From: DAve [mailto:[EMAIL PROTECTED] Sent: Friday, February 10, 2006 1:19 PM To: users@spamassassin.apache.org Subject: Re: General assistance Ed Russell wrote: > User validation is going to be tough or all but impossible. This box > forwards off the mail to an NT box running SL Mail. There is no easy way to > get a userlist out of this product. In addition the users change daily and > some even use multi-drops. You don't need to get a user list, you just need to ask the destination server if the user exists before accepting the message. This is what milter-ahead does on my MailScanner servers. I process and forward to servers running qmail(my toasters) and Exchange, GroupMail, Groupwise, Sendmail(my clients servers). All respond correctly to milter-ahead. I do not know of a way to duplicate milter-ahead in qmail without requiring something like vpopmail or LDAP. Did you look at using dnscache? That might buy you enough breathing room to shop around for a solution to user verification. DAve > > Ed > > > --------------------------------------------------- > > Talk is cheap since supply always exceeds demand. > > --------------------------------------------------- > > > -----Original Message----- > From: DAve [mailto:[EMAIL PROTECTED] > Sent: Friday, February 10, 2006 12:39 PM > To: users@spamassassin.apache.org > Subject: Re: General assistance > > Ed Russell wrote: > >>[EMAIL PROTECTED] smtpd]# spamassassin --version >>SpamAssassin version 3.1.0 >> running on Perl version 5.8.7 >> >> >>Spamd running with: >> OPTIONS="-L -x -d -u nobody -m 45" >> >>No user verification or RBL at the MTA level. > > > Absolutely do user verification. I can throw out from 20% to 80% of my > traffic depending on the current level of dictionary and Joe-Job > attacks. Since you are processing ahead of your clients Exchange boxes > I'm not sure how you can do that with qmail. I do it on my gateways > running MailScanner via milter-ahead, and on my toasters via checkuser > in vpopmail. > > There might be a way to get qmail to check with an Exchange box to > validate a user without running vpopmail, but I won't know it. > > DAve > > >> >>12:20pm up 4:05, 1 user, load average: 9.49, 9.23, 9.23 >>313 processes: 300 sleeping, 12 running, 1 zombie, 0 stopped >>CPU states: 18.9% user, 16.6% system, 0.0% nice, 64.4% idle >>Mem: 2009856K av, 711560K used, 1298296K free, 353776K shrd, 129268K >>buff >>Swap: 2097136K av, 0K used, 2097136K free 225380K >>cached >> >>As you can see I have loads of head room as far as memory goes. I was >>looking into integrating RBL into Qmail, but with the very high volume I > > am > >>quite concerned that this will introduce a slowdown. If I increase the >>inbound concurrent rate I eventually run into qmail-scanner problems with >>reformime. Is there anything else I need consider? >> >>Ed >> >>--------------------------------------------------- >> >> Talk is cheap since supply always exceeds demand. >> >>--------------------------------------------------- >> >> >>-----Original Message----- >>From: Kristopher Austin [mailto:[EMAIL PROTECTED] >>Sent: Friday, February 10, 2006 12:06 PM >>To: [EMAIL PROTECTED]; users@spamassassin.apache.org >>Subject: RE: General assistance >> >> >> >>>-----Original Message----- >>>From: Ed Russell [mailto:[EMAIL PROTECTED] >>>Sent: Friday, February 10, 2006 10:51 AM >>>To: users@spamassassin.apache.org >>>Subject: General assistance >>> >>>Am I completely off base in the way I have this all setup? I have >> >>went >> >> >>>with >>>a higher speed HD to increase the threshold on file I/O. Can I tune >> >>the >> >> >>>performance of razor etc while maintaining delivery time? Is there >>>anything >>>else I should be considering? If I have not explained things well or >> >>more >> >> >>>information is needed I will certainly provide anything. >>> >> >> >>A few questions I have: >>What SA version are you running? spamassassin --version >>What do you have --max-children set to? >>How much memory do you have free when the box is fully loaded? >> >>I'm trying to see if you have any headroom left to have more spamd >>children running. It sounds like your problem is with waiting on DNS >>returns. This should mean that you have plenty of processing power >>remaining just not enough children to handle the requests. >> >>Other things to consider: >>Do you use RBLs at the MTA level? >>Do you have user verification at the MTA level? >> >>Look for messages your MTA can drop before sending to SA. >> >>Kris >> >> >> > > > >
