On 07/27/2015 07:03, Paul Stuffins wrote:
>> Instant question: what is your load? Why separate servers?
>> You're adding a lot of complexity by insisting on that.
>
> My load at the moment is not that huge, I think I get a couple hundred
> emails a day, most of them are spam even with my current spam solution
> in place.
A single box running Exim, the spam filtering, and the mail storage can
handle a LOT more mail than a few hundred mails a day.
Referring to your original post:
https://lists.exim.org/lurker/message/20150726.191522.50e7b2a9.en.html
For spam filtering have a look at the exim4-daemon-heavy package in
Debian which contains the exiscan-acl patch. What's really nice about
this is that this can call the spam filtering late in the process, so
you can do a lot of CPU cheap checks up front, and allows for
denying/rejecting the mail after spam classification rather than having
to do "accept then drop". With many cheap checks so that the spam
filtering is only done when needed, a box running Exim can deal with
thousands of messages a day at < 1% CPU load.
> As for wanting separate servers, mainly for upgradeability. If I
> want/need another SMTP relay, I don't really want to install all the
> spam/av stuff on it and same for the datastore.
Re: upgrade-ability: if your concern is downtime then you could
"simulate" the Debian upgrade via duplicating the packages and
configuration in a VM, make a snapshot of the VM, and then test what
happens when you upgrade. This allows you to know what's /going/ to
happen, so you can do all of the configuration changes that are needed
and have those files ready for the /real/ upgrade.
If you split the mail service up into several servers, tracing a single
mail via logs becomes a lot more work, and instead of dealing with
upgrades for only one box now you've got several, and a more complicated
DNS structure to route the mail too. I've created these kinds of setups
professionally, but I think it's better to avoid that if you can. The
breakpoint I think is > 500 mailbox users and/or dealing with more mail
than a single box will handle.
The HowToForge link you found looks interesting, but a bit overkill...
it does mail routing via LDAP, which I used to do, and it complicates
adding users because it requires making a new LDAP entry. This is
really meant for when there are multiple mail stores so that each user's
mail can be routed differently. If you're only doing your own mail
right now, you won't need this; it's possible to do Virtual Users via
text file lookups too, and it's a lot more convenient to add entries via
a text editor.
Realistically I think the best place for you to start is a simple setup
with Exim in a VM. Take some time to get a feel for how to configure it
and what kinds of setup work for you.
-- Chris
--
Chris Knadle
Chris.Knadle@???