On 2006/09/28 17:04, Eric Merkel wrote:
> I am considering doing an OpenBSD transparent bridge with spamd/pf to
> add greylisting to two of our existing email servers.

rdr on a transparent bridge is not entirely straightforward. spamd fits
better on a box in the normal (L3) route towards the mail servers.
Then you can use carp instead of spanning-tree, too.

> My gut instinct says it would be easier to have one bridge so that
> I wouldn't have to keep the spamdb synced between multiple boxes but
> I want to get other's opinions.

What's the worst that's going to happen if the master goes down and
you haven't bothered with sync'ing? previously-whitelisted email gets
greylisted again and you lose some greytrapped addresses?

(if you want more than active/passive, as well as arranging sync of
/var/db/spamd, you'll also need something like a PF box in front of
the spamd boxes redirecting to a load-balanced address pool consisting
of the spamd boxes).

> Also, I have no idea what size server I am going to need for the
> bridge/spamd machine. We're currently doing between 1.5 & 2 million
> emails a day.

With some good greytraps, that should drop considerably. I'd be
surprised if it wasn't regularly less than 500k.

btw: when you're switching in spamd, you can reduce the impact of
greylisting delays by running spamlogd for a while before you start
rdr'ing (just log _outbound_ mail with 'pass out log' rules while you
do this - if you log inbound mail you whitelist spammers).

> Can anyone else share what type of hardware/memory etc
> they are using for greylisting this many emails?

Not me, sorry. -5 -B and -w might help reduce load if you run into
problems and need to tweak...
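
Added example, not part of the original message: a pf.conf fragment for the pre-seeding phase described in the reply, where spamlogd runs before any rdr to spamd is loaded. The interface name, the table name and the 192.0.2.x addresses are placeholder assumptions, and the rules use the pre-4.1 syntax current when the message was written (explicit keep state).

```pf
# Added example; pre-seeding phase only (no rdr to spamd loaded yet).
# Assumed placeholders: em0 and the 192.0.2.x mail server addresses.
ext_if = "em0"
table <mailservers> { 192.0.2.25, 192.0.2.26 }

# Outbound SMTP from our own mail servers is logged to pflog0, so
# spamlogd sees the hosts we send mail to and whitelists them in spamdb.
pass out log on $ext_if inet proto tcp \
    from <mailservers> to any port smtp flags S/SA keep state

# Inbound SMTP is passed WITHOUT "log" during this phase. Nothing is
# filtering inbound connections yet, so logging them would let spamlogd
# whitelist every connecting sender, spammers included.
pass in on $ext_if inet proto tcp \
    from any to <mailservers> port smtp flags S/SA keep state
```

Entries collected this way can be checked with spamdb before the rdr rules are switched in.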

