Ramprasad wrote:
> On Fri, 2006-09-29 at 08:12 -0400, Michel Vaillancourt wrote:
>> Ramprasad wrote:
>>> Why not SPF ??
>> Over two thirds of the email I receive that is UCE/Spam has an
>> "SPF_PASS" associated with it from SA. All SPF seems to do is make the
>> "stupid" spammers look more stupid. The clever ones aren't affected.
>>
> I have a script that automatically blocks SPF-pass domains sending spam
> consistently. you could make good use of the SPF_PASS too.
>
Care to share? This would be very handy.
>>> What is the point accepting the mail and the entire data and then
>>> scanning for DK when It should have ideally been rejected after
>>> "mail from:"
>>>
>> That would be the exact point of DK at the Postfix/ MTA level.
>
> How. All the while I thought dkfilter helps me block after dataend ? Do
> I have to RTFM again ?
>
My mistake.. this one runs as a content filter. The same author is
working on a DKIM Proxy that would be your first point-of-contact and handle
the "mail from" intercept. I got confused.
>
>>> So I let SA do the testing .. which catches the spams but eats resources
>>> of my servers. When you receive 3-5 million mails a day you tend to
>>> bother more about resources
>>>
>> I would humbly submit to you that if you move that much traffic, you
>> should be able to justify one more MX machine in the pool and implementing
>> DK.
>>
> We have 8 dual xeons already. for this much traffic. And servers are
> always loaded with all kinds tests enabled in SA
>
I'm curious... what is the RAM/ MHz spec of your machines? 5M mail/day
is 7 mail per second per machine... at a median 8 seconds mail handle time,
that is 57 mail in the pipes at any one time... 50Mb for SA or anti-virus per
message works to about 3Gb of RAM in use. I can see your concern. However,
again, I'd say that even two more machines in the pool would bring that down to
~2GB of RAM in use per machine, and that should give you the cycles and memory
to run SPF queries as well as DK filters.
I do understand the notion your boss might not be willing to put
another $5K down to deal with the problem. However, as anyone can attest to,
good customer service costs money to provide.
--
--Michel Vaillancourt
Wolfstar Systems
www.wolfstar.ca
