Le 14 nov. 2011 à 21:39, Chuck Mariotti a écrit : > After converting a network of computers to use a fairly popular 3rd party > email service (not my decision unfortunately), users are experiencing very > odd issues with email (POP and SMTP based). The 3rd party says we should try > different ports, increase timeouts, etc… and they sometimes take days to > admit they themselves have an issue (after we have jumped through their > hoops). > > One of the issues is email taking a while to be sent out of the network to > the 3rd party SMTP servers… in many cases, items sit in Outlook… with > recipients complaining that they received multiple copies of the same email. > > Anyone have any advice on how to solve this problem?
Do you have a high latency link (satellite or smthg similar) ? Is your routing correctly configured, is there any flapping routes ? Do you have high packet lost ? We need more info to help you. > > My thought are: > > 1. Is there an SMTP server that can run on pfSense 2.0? You have a Postfix forwarder packet that can be used easily. I suggest that you don't deploy any SMTP server on your firewall as this is not exactly the right place to do that. > I would like to be able to monitor the queue, etc… My hope is that the > client computers would stop failing/timing out/multiple deliveries and that > pfSense would just act as the active sender SMTP server. But I need to be > able to manage it easily. Does anything exist? from what I can read about the postfix forwarder package : Postfix mail forwarder acts as a relay server for your domain. It can do first and second line antispam combat before sending incoming mail to local mail servers. Postfix can also detect zombies, check RBLS, SPF, seach ldap for valid recipients and use third part antispam engines like policyd and mailscanner for better antispam solution. You won't have any "queue" monitoring beside the usual postqueue available in postfix (CLI). > 2. How can I monitor in real-time and after the fact on specific > dates/times which of the end user desktop computers is utilizing the most > traffic? Basically, I want to see if someone is downloading a large file, > sending a huge attachment or who is streaming music, etc… You can use zabbix with various specific options to take care of that (though, you'll have global stats, not per-user stats). > > I do not have traffic shaping enabled… the reasoning is that the connection > has bursting and it seems unpredictable on the busts speeds so I would prefer > not to limit connection just to throttle it (unless of course, I’m not > thinking this through correctly). Well, I would start by investigating your connexion because It is obviously the main reason for your troubles. Deploying a good traffic shaping strategy also seems quite reasonable to me ! HFSC will handle your "bursting" quite ok, but be ready for some deep study ! > > Any advice or suggestions? Use pfSense as a firewall, build yourself a mail server using for example : FreeBSD, postfix, dovecot, and for filtering purposes : amavisd-new, Clamav, dcc-dccd You can also use postfix admin to manage your user base and use MySQL as a DB backend. Thanks. G.B. > > > Regards, > > Chuck > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list –––––––––––––––––––––––––––––––––––––––––––––– ---------> Grégory Bernard Director <--------- ---------------> www.osnet.eu <--------------- --> Your provider of OpenSource appliances <-- –––––––––––––––––––––––––––––––––––––––––––––– OSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetO _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
