We use an external service for this called Postini (http://www.postini.com)
It eliminates all of the filtering workload from your mail server as well as keeping this traffic from ever reaching your domain. Filters spam, viruses, etc. Users have the ability to modify there own filter settings and create their own whitelists and black lists. Good Stuff!!! :) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Doug Traylor Sent: Tuesday, September 26, 2006 9:57 AM To: [email protected] Subject: Re: [IMail Forum] Best Gateway Solution For Imail > but all the work to reduce the mail is done on the mailbox server, and > that work is very expensive. The expense is minimal to reject based on unknown recipient, forged HELO, greylisting, etc. > Does ASSP answer on port 25? Yes > Does ASSP reject unknown recipients? Yes, it wouldn't be very useful if it didn't. It does this with a user list and/or LDAP. > I know from many experiences that Imail is very rapidly bogged down simply > refusing unknown recipients, Does Imail reject, like ASSP, or still bounce email to unknown recipients? Does it do this after it has received the entire email or just the envelope? > a job that is best done by a second, upstream box. Only if needed. > If you have small volumes and small abuse problems, one (powerful) box > works fine, but it doesn't scale well. Small is a relative term. An ISP with many hundreds of thousands of emails a day, trying to run an antispam gateway on the same box as Imail is probably not going to work. There are some that even have to run their outgoing SMTP service on a different box. But there is no reason why somebody couldn't handle 50-100k emails a day on a relatively modern desktop PC running Imail and ASSP on Windows. We handle 10k+ connection attempts daily to some 400 users on an ancient Dell server with two 733mhz Pentium processors and 2GB of PC133 ram. The system runs at <%10 most of the time while constantly rejecting emails. When email is accepted we see a spike on one processor if there is a large attachment due to the antivirus gateway also running on the same computer and then Imail delivering it. As far as abuse is concerned, one of the nicer aspects of ASSP is connection rejection based on excessive errors and IP penalty score. For example if we receive too many emails to invalid addresses from an IP, that IP gets blocked for a short while. If we continue to get email from this IP to invalid accounts their penalty score increases and they can end up on the extreme block list which blocks them for a greater period of time. Also trying to relay through us or HELO with our domain or send to one of our spam traps will get an IP blocked temporarily. One thing ASSP does not do is route to multiple incoming SMTP servers for different domains so if you have that need like I do, and you are a cheapskate, like I am, you can use another free product after the anti-spam and anti-virus scanning to deliver to multiple destinations. I use the free open-source hMailserver for this and for future implementation of its multiple AV checking capability. However, with ASSP in front, AV checking is not the concern it used to be as it has dropped to almost 0 a day. Doug To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ <PRE><p>This message is intended exclusively for the individual or entity to which it is addressed. This communication may contain information that is confidential, proprietary, privileged or otherwise legally exempt from disclosure. If you have received this message in error, please notify the sender immediately by facsimile, e-mail or phone and delete all copies of the message.</p></PRE> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
