Len,
Alligate can also be installed on the same box as IMail, and it
dramatically reduces the resources that are used. Alligate currently
relies on no external resources to do it's job, all it needs is the
MXRate database to be downloaded which the gateway manages on it's own.
The net effect is that not only are things like dictionary attacks
repelled, it also handles virtually all zombie spam and viruses with
"selective greylisting" and two levels of tarpitting which can also
drive away some static spammers. The beauty of this is that you kill
the easy to kill stuff with a lean tool, and you leave the processor
intensive stuff to a second level of deep scanning which could be
IMail's antispam, Declude, mxGuard, or even IMGate. Alligate on my
system blocks about 93% of all incoming connections and uses only about
3% CPU on average. What is left is 2/3 good E-mail and 1/3 spam which
Declude and a host of plug-ins takes care of.
One other great thing about Alligate is that it can either take in
address lists (in the same format as IMGate), or it will resolve
addresses in real-time off of a target system. For instance, you could
gateway for multiple different servers, validating addresses off of each
one in real-time, or mixing it so that some do the SMTP validation and
others use the flat-file. It can also route different domains to
different servers, and you can set it up to round-robin or fail-over for
delivery to a group of secondary servers that sit behind the gateway.
Alligate can even be used to deliver E-mail for one's customers by
supporting SMTP AUTH (which it validates off of the actual E-mail host).
Alligate Gateway doesn't try to be all things to all people, it just
tries to be a pre-scanning gateway and does a great deal for very, very
little cost. It also doesn't just copy existing techniques like
tarpiting and greylisting, it improves on them so that they are less
problematic and even more effective. It does cost money for purchasing
Alligate, but it is far less expensive than a separate server and it is
easier to operate for those of us that are mostly familiar with Windows.
http://www.alligate.com/SMTPGateway.htm
It's not that IMGate isn't a good gateway, it's that it isn't as deep as
some of us desire for an anti-spam solution, and therefore separating
the pre-scanning and deep-scanning functions makes sense when spam is a
serious concern, and Alligate Gateway is as light, effective, and
accurate as could be.
Matt
Len Conrad wrote:
ASSP, Declude, Sniffer, Imail anti-spam/virus all require
additional, significant processing on the mailbox server.
The point is the two-box solution, whatever the software.
Not neccesarily. The ASSP solution on the same box will drasticly
reduce the amount of mail received and passed on for AV testing and
mail delivery.
but all the work to reduce the mail is done on the mailbox server, and
that work is very expensive. Of course if you have a low-volume of
message and 3+ GHz, 2 GB RAM, and 15K RPM SCSI to handle it, you can
do everything on the mailbox server.
Does ASSP answer on port 25? Does ASSP reject unknown recipients? If
Imail answers on port 25, I know from many experiences that Imail is
very rapidly bogged down simply refusing unknown recipients, a job
that is best done by a second, upstream box.
If you have small volumes and small abuse problems, one (powerful) box
works fine, but it doesn't scale well.
Len
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
