but all the work to reduce the mail is done on the mailbox server, and that work is very expensive.
The expense is minimal to reject based on unknown recipient, forged HELO, greylisting, etc.
Does ASSP answer on port 25?
Yes
Does ASSP reject unknown recipients?
Yes, it wouldn't be very useful if it didn't. It does this with a user list and/or LDAP.
I know from many experiences that Imail is very rapidly bogged down simply refusing unknown recipients,
Does Imail reject, like ASSP, or still bounce email to unknown recipients? Does it do this after it has received the entire email or just the envelope?
a job that is best done by a second, upstream box.
Only if needed.
If you have small volumes and small abuse problems, one (powerful) box works fine, but it doesn't scale well.
Small is a relative term. An ISP with many hundreds of thousands of emails a day, trying to run an antispam gateway on the same box as Imail is probably not going to work. There are some that even have to run their outgoing SMTP service on a different box. But there is no reason why somebody couldn't handle 50-100k emails a day on a relatively modern desktop PC running Imail and ASSP on Windows. We handle 10k+ connection attempts daily to some 400 users on an ancient Dell server with two 733mhz Pentium processors and 2GB of PC133 ram. The system runs at <%10 most of the time while constantly rejecting emails. When email is accepted we see a spike on one processor if there is a large attachment due to the antivirus gateway also running on the same computer and then Imail delivering it.
As far as abuse is concerned, one of the nicer aspects of ASSP is connection rejection based on excessive errors and IP penalty score. For example if we receive too many emails to invalid addresses from an IP, that IP gets blocked for a short while. If we continue to get email from this IP to invalid accounts their penalty score increases and they can end up on the extreme block list which blocks them for a greater period of time. Also trying to relay through us or HELO with our domain or send to one of our spam traps will get an IP blocked temporarily.
One thing ASSP does not do is route to multiple incoming SMTP servers for different domains so if you have that need like I do, and you are a cheapskate, like I am, you can use another free product after the anti-spam and anti-virus scanning to deliver to multiple destinations. I use the free open-source hMailserver for this and for future implementation of its multiple AV checking capability. However, with ASSP in front, AV checking is not the concern it used to be as it has dropped to almost 0 a day.
Doug
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
