On Monday 24 January 2011 01:22:09 kashani wrote: > On 1/23/2011 4:26 PM, Alan McKinnon wrote: > > Apparently, though unproven, at 02:02 on Monday 24 January 2011, kashani > > did > > > > opine thusly: > >> On 1/23/2011 12:20 PM, Alan McKinnon wrote: > >>> It manages it's own queues beautifully. But, and this makes me sad, it > >>> doesn't really want *me* to manage it's queues. Border controls are > >>> hard, and finding the 1,000 mails some idiot with a Windows bot just > >>> sent, and deleting them, is really hard. > >>> > >>> I'm redesigning our mail setup at work,a nd I'm going to do it with > >>> exim *and* Postfix. Exim is the front end I can see, work with, and > >>> manage. Exim sends on to Postfix as fast as it can, and Postfix > >>> transparently relays to recipient. I get best of both worlds :-) > >>> > >> I can't say I've ever needed anything more than mailq | grep |awk | > >> > >> postsuper -d - in order to delete mail from the Postfix queues. What > >> sort of things are your trying to do other than delete a lot of spam or > >> bounces? > > > > First, our internal mail system deals with about 3,000,000 mails a day > > Mon-Thu so grep | postsuper is a tad inadequate, even if just on the > > basis of volume > > > > The basic tools are fine as long as you understand what they are dealing > > with - raw text. As soon as you run mailq you have text, you no longer > > have intelligence about what that text means. So you need lots of > > grep-fu. > > > > I can't control what the users mail out, sometimes they have automated > > systems that do silly things like send 10,000 notifications an hour to > > an SMS gateway when they cocked up Nagios. Finding the dodgy ones is no > > fun when there's a lot of perfectly valid ones in the mix too, and grep > > doesn't help much other than blindly selecting text matches. > > > > There's lots more examples, but they all follow a similar theme. > > Thanks for the extra detail, I found what you're describing very > interesting. I've never dealt with Postfix with more than a couple > hundred internal users and more often as spam our customers system. > Other than the occasional Nagios blasts I haven't had to deal with much > of this. > In regards to controlling what users send is it feasible to use a > policy server for rate limiting them? The ability to use an extra lookup > service to decide whether to access main, filter it, allow relay, etc is > one of the things I think Postfix does well. However I suspect the > management and hand holding of a rate limit system would create more > overhead than cleaning out the queue periodically.
[Off-topic] Can't you set up nagios to only send out a single alert when a monitored variable goes down - can't remember the parameter off hand but that's what I did when the default nagios setting proved to be too trigger happy for the users' needs. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
