copito@??? said:
> To give you some idea of the numbers, our current fallback MX
> processes around 400k unique messages a day. Currently (off peak) we
> have several queues with a total of 80k messages (1.5 GB). Our
> current hardware is a Sun E3000 with 4 CPUs and 1.5GB of RAM with
> queues on a Netapp 630 filer.
Not a cheap config :-)
> Of main interest to us is whether the split_spool_directory will be
> enough to balance the queues (ideally fewer than 4000 files per
> directory) , and what options there are for adding additional flushing
> queues.
For a fallback system, split_spool_directory should balance out pretty
evenly... bursts of traffic would however tend to go into a single
directory.
Personally, I would tend to use multiple commodity boxes for this
rather than the big iron.
For spam (generation) prevention I'd suggest:-
1. Lock down your dialups. Dialups do not need to send direct SMTP
so either block them from doing so, or redirect them using
some form of layer 3 redirection to your mail server.
If people can send mail out without hitting your mail servers
then you are going to be a spam source.
2. System protection. Use the number of smtp sessions control
functions in exim to prevent one idiot DOSing your servers
by using hundreds of SMTP sessions
3. Traffic analysis. Its reasonably easy to write a real time
log analysis tool (I did it in perl) which sits on the exim
log and watches for high traffic from one sender (ip).
You then mark that IP as blocked and deal with the messages
in the system filter. Putting the exim settings so that
multiple messages in a session are queued helps.
There are a few other things you can do but this has worked well in a
previously built system. The one thing you need to do is control the
dialups - otherwise all you can do is play whack-a-mole with the
spammers.
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000 Fax +44 1423 858866 ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
