done with the new goodies in V8) The problem with this solution is that it isn't complete. The effect of spam is still felt on my systems.
There comes a point, combination of mailbox server power + message volume, when mailbox-server-based defenses, and esp content-scanning solutions (Declude, Sniffer, Spamecheck, AV) start to consume a noticeable to unacceptable amount of server power, to say nothing of the WAN bandwidth wasted to by content-scanning tactics.
Most people have tons of excess server power so that point almost never comes.
When it does, they often go buy a new server and outrun the defense/abuse level that was beginning to DoS their previous box.
This brings me to my topic of switching to a better system.
It brings a lot of other satisfied people to a totally different and cheaper tactic of off-loading that defensive work to another box, like IMGate.
I just setup two IMGates for an ISP in Florida, whose fairly powerful Imail box was really starting to groan. Here's his global stats for all day of 3 June:
Grand Totals ------------ messages
120411 received
31030 delivered
53 forwarded
609 deferred (1323 deferrals)
131 bounced
111220 rejected (78%)1070m bytes received 1370m bytes delivered 11769 senders 3763 sending hosts/domains 8726 recipients 1672 recipient hosts/domains
That's 110k messages PER DAY, 5K messages/hour, that are no longer arriving at his Imail box. The positive effect on his Imail box has been dramatic.
Plus, his outbound is sent to IMGate so all that work is also removed.
And his primary IMGate box is not even sweating. (his backup MX IMGate is rejecting about 2k hour for almost no legit mail. aka a honeypot)
After a couple of days of reading other vendors product sheets, I have came to the conclusion that IMail is WAAAAY behind in the Spam department. It seems that most other mail solutions already offer what we have been looking for in IMail. Such as dynamic kill files, tarpitting (for defense against dictionary attacks, mass mailers, IPV4 lookups during the SMTP transaction, Hijack prevention, and the list goes on.
Why would you want to continue running all that on your mailbox server, even if Imail 9 with 100 new features, or IMail add-on's, could run it? The one-box architecture is just too weak, unscaleable, for the today's levels of abuse. The multi-box architecture wins in reliablity, scaleability, redundancy, etc.
My experience with a lot of ISP's says that running your mailbox server as MX is really not prudent any more, and you'll probably get burned by that approach sooner or later.
( btw, I've seen a comment that Exchange accepts all mail per-domain, and then at some later step rejects the msg if Exchange doesn't actually find the recipient in wherever the Exchange user base is stored, like "over there" on the AD server. If this is really how Exchange works, then it confirms my point that Exchange is not suitable as Internet MX host. )
Len
_____________________________________________________________________ http://MenAndMice.com/DNS-training: New York; Seattle; Chicago IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
