I am considering doing an OpenBSD transparent bridge with spamd/pf to add greylisting to two of our existing email servers. Both servers have equally waited MX records pointing at each of them and they both reside on the same subnet/ethernet segment.
Would it make more sense to have one system acting as the firewalling bridge in front of the email servers or should I use two bridges? My gut instinct says it would be easier to have one bridge so that I wouldn't have to keep the spamdb synced between multiple boxes but I want to get other's opinions. Also, I have no idea what size server I am going to need for the bridge/spamd machine. We're currently doing between 1.5 & 2 million emails a day. Can anyone else share what type of hardware/memory etc they are using for greylisting this many emails? Thanks in advance! -Eric
