* On 01/08/06 20:58 +0100, Jeremy Harris wrote:
| Odhiambo G. Washington wrote:
| > I need some advise on a task I am working on towards spam control and
| > bandwidth saving. I am going to have a dedicated server hosted somewhere
| > upstream and this server is going to be my highest priority MX for several
| > thousand domains.
|
| I assume you have a low-bandwidth (or expensive) link?
Expensive.
| Where are your secondary MX's (given that plenty of spammers hit them
| by preference or stupidity)?
In my server room here ;)
It's local to where I sit.
| > Basically, I want to save as much bandwidth as possible by stopping spam
| > and viruses upstream.
| >
| > There is not going to be any local deliveries on this server though.
| > What I want to do is to "let it know" all the recipient addresses on
| > the thousand domains. I'll be synchronising the list of recipients to
| > this server at good intervals to keep the recipients list updated.
| > Any mail that is not addressed to the "known" recipients need to be
| > rejected out there, just like the identified spam and virii. I just
| > need to get advise/warnings on:
| >
| > 1. What is the dandiest way to do this? After all dnsbl, I want to
| > accomplish all the checks at acl_smtp_rcpt and reject any unknown
| > recipients.
|
| Do you have any constraints on data formats? That is, is your recipient
| address list already in one place with you not wanting to do a
| conversion? If it is, then you replication method needs to fit the
| existing data store.
My data is going to be generated in the form or local_part@???.
Most of it is in MySQL db, while some are in /etc/passwd.
I think the challenge is going to be in handling aliases, now that
you've raised such an issue...
| What is your allowable latency for an update - a few seconds, or days?
I haven't understood the question, sorry. Could you please rephrase?
Basically I am going to formulate a policy on the update schedules.
| Do your secondary-MX systems need access to the same data?
| With what update-latency?
They may, but it's not a priority at the moment, although I need to
think about the secondaries issue again ;)
I'll probably put a secondary out there as well.
| Would merely having a database (pgsql, mysql or whatever) on the
| primary-MX machine suffice, with you doing manual operations on it
| using command-line tools from your downstream sites?
It might, but I haven't considered this, as lookups will be involved,
translating into constant traffic down my link, which I could save
with scheduled rysnc/other update method.
I want the server out there to have the information "locally" in
something like cdb.
cheers
- wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) |
wash () WANANCHI ! com . 1ere Etage, Loita Hse, Loita St., |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
--from a /. post
