Jean-Paul natola wrote: > >> I have spent some time working with Barracuda 'spam' firewalls which >> have this (or a lower) specification and they can easily handle quite a >> lot of work (hundreds of domains, thousands of messages). Inside they >> are just a Linux box running a couple of MTA's, clamav, amavis-new, > > > More than one MTA on box? > > > > As you can probably tell, I'm not that well versed in the *nix world > > > > Is this possible with freebsd? > >
Any of the *BSD. And essentially word-for-word as Ron described his filtering steps ... A few stats for a 12+ month period: 64.8% of attempted connections are rejected while still in CONNECT phase 90.8% of attempted connections are rejected before reaching DATA phase. ClamAV is vanilla. SA is stripped of ANY test Exim could - and does - do first. Of the arrivals that survive to call uppon either scanner.... 9.2% of attempted connections ever reach DATA phase and are scanned, .8% of attempted connections are rejected in DATA phase by SA scanning 3.3% of attempted connections are tagged or quarantined by SA as 'Suspect' 8.4% of attempted connections are actually delivered, 'possible' spam included in that - but to one or more IMAP folders marked as 'Suspect'. With aggressive blocking of zombots ClamAV sees a WinCrobe or phish only a few times a *year*. With hardware encrytion (VIA CPU) giving a roughly 20:1 advantage over not, and the stripped SA invoked for less than 10% of offered connections there isn't much load. > > > >> apache and spamassassin. Some are only 512k and cope very well. > > > I was just looking at barracuda appliance, GULP 2k plus 500 yearly updates > ouch > VIA C6 MB @ US$ 70. Twin 80 to 500 GB WD SATA on ATACONTROL, GMIRROR, or SoftRAID are cheap. HK$ 1,300 1U case & PSU... typically 4 to 6 year component life - HDD included, fans excluded. IPFW or PF has all one needs for clever firewalling. FreeBSD if you are hooked on raw speed, feature-heavy, Linux-like 'come play with me' environment. OpenBSD for 'JFW' fire-and forget with semi-annual sub-ten-minute updates. Replace all fans every year or two just on principle. Spend the savings in time, money, and sleep on interesting comestibles and blanket-sharers. Life is too damn short to drink bad wine, use unreliable gadgets, or sleep with a bitchy partner. > > > > > > > The one thing I REALLY like about the barracuda is the LDAP and the per user > Quarentine , > > is there anyway to accomplish this in opensource? > Done here with PostgreSQL. Done elsewhere with MySQL, SQLite, as well as LDAP, DB, CDB - even flat-files. Per-domain, per workgroup, per-user - whatever. Lowly VIA CPU still* doesn't break a sweat. Best, Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
