Ramprasad wrote:
> On Fri, 2006-09-29 at 08:12 -0400, Michel Vaillancourt wrote:
>> Ramprasad wrote:
>>> Why not SPF ??
>>      Over two thirds of the email I receive that is UCE/Spam has an 
>> "SPF_PASS" associated with it from SA.  All SPF seems to do is make the 
>> "stupid" spammers look more stupid.  The clever ones aren't affected.
>>
> I have a script that automatically blocks SPF-pass domains sending spam
> consistently. you could make good use of the SPF_PASS too. 
> 

                Care to share?  This would be very handy.

>>> What is the point accepting the mail and the entire data and then
>>> scanning for DK when It should have ideally been rejected after 
>>> "mail from:"
>>>
>>      That would be the exact point of DK at the Postfix/ MTA level.
> 
> How. All the while I thought dkfilter helps me block after dataend ? Do
> I have to RTFM again ? 
> 
        My mistake..  this one runs as a content filter.  The same author is 
working on a DKIM Proxy that would be your first point-of-contact and handle 
the "mail from" intercept.  I got confused.

> 
>>> So I let SA do the testing .. which catches the spams but eats resources
>>> of my servers. When you receive 3-5 million mails a day you tend to
>>> bother more about resources
>>>
>>      I would humbly submit to you that if you move that much traffic, you 
>> should be able to justify one more MX machine in the pool and implementing 
>> DK.
>>
> We have 8 dual xeons already. for this much traffic. And servers are
> always loaded with all kinds tests enabled in SA  
> 
        I'm curious... what is the RAM/ MHz spec of your machines?  5M mail/day 
is 7 mail per second per machine...  at a median 8 seconds mail handle time, 
that is 57 mail in the pipes at any one time...  50Mb for SA or anti-virus per 
message works to about 3Gb of RAM in use.  I can see your concern.  However, 
again, I'd say that even two more machines in the pool would bring that down to 
~2GB of RAM in use per machine, and that should give you the cycles and memory 
to run SPF queries as well as DK filters.

        I do understand the notion your boss might not be willing to put 
another $5K down to deal with the problem.  However, as anyone  can attest to, 
good customer service costs money to provide.

-- 
        --Michel Vaillancourt
        Wolfstar Systems
        www.wolfstar.ca

Reply via email to