Author: Alan J. Flavell Date: To: Exim users list Subject: Re: [Exim] roadrunner broke my new toy..
On Sun, 13 Jun 2004, Jeff Lasman wrote:
[lots of detail snipped]
We're in the fortunate position of having a machine which can handle
the SMTP transactions -and- the scanning, on the scale of our
operation; although we're careful to apply as many low-cost rejection
rules as we can, before finally proceeding to the DATA phase and
taking the hit of scanning. So, although most *accepted* mails get
scanned, a large proportion of *rejected* requests are rejected at an
earlier stage in the processing and thus at relatively low processing
cost.
But if we were a large enough operation for that not to be feasible,
then I think my money would be on having the front-end machine be the
one that knew about valid users, and applied the low-cost ACL rules
and issued the actual rejections; and the back-end machine(s) be
responsible for running scanning daemons, with some lightweight
protocol between the front and back end machines. spamc/spamd is
Spamassassin's solution to this, for example.
What you do if/when the back-end processes go belly-up is some kind of
business decision. Some might decide in the interests of not impeding
mail that they'd just bypass scanning if the scanner can't be
contacted; others would make anti-spam/virus their priority and issue
a defer status to the offering MTA until the back-end processes were
accessible again. YMMV.
But as I say, I don't need nor have hands-on experience of doing that,
so I think it's time to shut up now, and hope you get advice from
folks who actually do it for a living. ;-}