On Tue, 1 Jun 2010 18:22:06 +0200 Christian Keil <christian.k...@gmail.com> wrote:
> Hello All, > Hello > I am currently in the process of setting up and testing a larger DSPAM > Installation to protect around 1200 Domains with an unknown Ammount of > Users, the current solution is SpamAssassin but rather "resource hungry". > That alone isnt the Problem. Currently I kill about 95-98% of the Spam that > reaches the Gateways, however recent Spams (such as those Fake Rolex Ad > Spams) pass trough cause they are coming from proper configured Hosts and > dont trigger any ClamAV Signatures and reach a rather low Score of 2.5 and > below on SpamAssassin (lowering the Spam Score would cause way too many FP) > thats why I am looking for alternatives, I'm using DSPAM since 2006 on my > own Mailserver at home but now I need something large and > Performance/Troughput is a big issue here. > > > The current Setup consists of > > 2x Postfix as MX with Policy Daemon, SR-52 Regex, ClamAV (i want to bounce > virii mail rather than accept+quarantine) > > Those 2 are handing over Mails to the currently as active/passive Planned > DSPAM Server > > during my evaluation I had quite different results, firstly i tested handing > over mails trough lmtp direct into DSPAM and then reinject into Postfix > running on that Machine. The Performance was very good, i reached 5k Mails > per Minute. (25kb size generated with smtp-source) > > Next tests were done locally on the DSPAM Machine after recieving mail I had > Postfix use content_scanner from master.cf and piped it into dspam client > aswell as dspam socket. > > Pipe was fast as hell however the lmtp socket of dspam itself not. > Pipe was faster than using Postfix to send to DSPAM daemon over LMTP? Really? What did you use for the pipe? dspam or dspamc? > One thing that really annoyed me that if dspam is called from Postfix I have > each Mail twice in my Mail Logfile which makes it alot harder to > debug/analyze in case a Problem arises. > You could instruct your system logger to use another log for DSPAM then the mail logfile. > Are there any Drawbacks if my setup uses the following: > > mx -> ltmp -> dspam-daemon -> localpostfix-on-dspam-machine -> smtp-relay -> > final-mailbox|quarantine-imap-server > This is what I use. Not exactly but close. I have two systems. mx1 and mx2. each of them have a Postfix installation and DSPAM on it. DSPAM storage is MySQL. Both instances (mx1/mx2) have their own MySQL server running. The two MySQL instances are using master/master replication. The SMTP server is Postfix and I send over LMTP directly to DSPAM and then back from DSPAM into Postfix and then Postfix delivers the mail to whatever transport is active for the domain. Mostly it is Dovecot deliver. But on some domains I have other transports. > instead of > > mx -> smtp -> localpostfix-on-dspam-machine -> dspamc/dspam-daemon -> > localpostfix-on-dspam-machine -> smtp-relay -> > final-mailbox|quarantine-imap-server > IMHO this is too much. The above setup is lighter and does the same. > I cannot afford to loose any email at all in case dspam dies in the middle > of a transaction or while processing the mail. > Why should DSPAM die? > I'm all ears for any Tips that one can give me. > > Thanks for Reading and hopefully everything I wrote is clear - english is > not my native language. > > Kind Regards > Christian Keil -- Kind Regards from Switzerland, Stevan Bajić ------------------------------------------------------------------------------ _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
