Hi, I have the "correct" setup in most of my servers. But like I sad, sometimes I notice best performance results when Postfix take care the initial handshaking. If you have more than 30-40 connections concurrently in ASSP, the initial MTA banner sometimes takes a long time to appear (still in 2.x version) and the message transfer throughput can be a problem.
I will research about exim more deeply. Thanks, Alexandre 2014-09-02 10:07 GMT-03:00 Mr. Courtney Creighton <a...@dezignguy.com>: > Well, it still looks like you're just duplicating the inherent > functionality of ASSP the hard way. ASSP doesn't 'reinject' anything... > as a transparent proxy, it is always passing the SMTP conversation to > and from the mailserver. > > If I am reading your original message correctly, then the way you > apparently have your mailserver configured sounds like you have Postfix > listening on port 25 and 587, and then you use the content_filter to > pass it off to ASSP which then loops back into another port that Postfix > is listening on (without content_filter - so you don't have an endless > loop) which then sends it on to the mail's destination. So you basically > have Postfix talking to itself, in a loop, with ASSP in the middle. > > If that is your setup, then that's definitely the hard way, and > unnecessary, and I don't see how you can possibly save any resources on > a high traffic system with it. If you have Postfix doing any sort of > mail/ip preliminary checks or initial blocking, it's usually quite > possible to either do those checks in ASSP or specifically configure the > mailserver to handle the needed checks with ASSP in front of it. > > You could indeed implement that same Postfix config with exim, but I > wouldn't recommend it. > > But yes, it's kinda a problem if you're using ASSP v.1. It's been a > while since I moved to v2, and I don't remember the config changes I had > to do for the migration. You can, and should, migrate to v2, by > installing a newer version of perl in /opt and configuring assp to use > that version (if that's the blocking reason why you're still using v1 > there). Remember to install the necessary cpan packages there too. > > But if you're still interested, I can provide my exim-specific assp > config - basically the network setup - and you can translate it as > necessary for your v1 setup. > > -C > > > Alexandre de Arruda Paes said the following on 9/1/2014 4:41 PM: > > Hi, > > > > I have about 50 servers with ASSP. With postfix installations (standalone > > or with Zimbra), I use ASSP 2.x as a proxy. But, in high traffic > > enviroments, the best way is to allow MTA to do this job after antispam. > > In this particular server, we use exim instead postfix and ASSP > > 1.9(yes,this is part of the problem). Then, I want to test a similar > > scenario to try avoiding problems with this version of assp. :} > > Em 01/09/2014 19:03, "Mr. Courtney Creighton" <a...@dezignguy.com> > > escreveu: > > > >> ASSP/Exim does that automatically, just with setting it up properly. > >> > >> Your users sending good mail on port 587 should be authenticated, and > >> ASSP will use that information for the notspam collection and whitelist > >> additions... with the proper settings. It's all automatic, if you have > >> the settings correct. And you don't need to "reinject" mail. > >> > >> And your flow diagrams are incorrect... they should look something like > >> this: > >> > >> Internet -> ASSP proxy (25) -> ASSP (spam test) -> exim -> local > delivery > >> Internet -> ASSP proxy (587) -> ASSP (/notspam collect) -> exim -> relay > >> to internet > >> > >> If you need help with setting up the ports in ASSP/Exim, let me know and > >> I'll show you my config for that. > >> > >> -C > >> > >> > >> Alexandre de Arruda Paes said the following on 9/1/2014 1:54 PM: > >>> Hi, > >>> > >>> My skiil in exim are minimal, but I need to use it in one server. > >>> I'm thinking about a way to do the following: > >>> > >>> Internet -> exim (25) -> ASSP (spam test) -> exim -> local delivery > >>> Internet -> exim (587) -> ASSP (/notspam collect) -> exim -> relay to > >>> internet > >>> > >>> If an e-mail come to submission, I use ASSP to collect notspam. If the > >>> e-mail come > >>> to local delivery, ASSP will test e-mail and if it's is ok, reinject to > >>> exim. > >>> > >>> In postifix, this is very easy by setting content_filter in master.cf > >> and > >>> using relay host and relay port in ASSP to reinject e-mail in a port > >>> without content_filter. > >>> But I don't know how to do this in exim. > >>> > >>> Best regards, > >>> > >>> Alexandre > >>> > >> > ------------------------------------------------------------------------------ > >>> Slashdot TV. > >>> Video for Nerds. Stuff that matters. > >>> http://tv.slashdot.org/ > >>> _______________________________________________ > >>> Assp-user mailing list > >>> Assp-user@lists.sourceforge.net > >>> https://lists.sourceforge.net/lists/listinfo/assp-user > >>> > >> > >> > >> > ------------------------------------------------------------------------------ > >> Slashdot TV. > >> Video for Nerds. Stuff that matters. > >> http://tv.slashdot.org/ > >> _______________________________________________ > >> Assp-user mailing list > >> Assp-user@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/assp-user > >> > > > ------------------------------------------------------------------------------ > > Slashdot TV. > > Video for Nerds. Stuff that matters. > > http://tv.slashdot.org/ > > _______________________________________________ > > Assp-user mailing list > > Assp-user@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/assp-user > > > > > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Assp-user mailing list > Assp-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-user > ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
