ed wrote:
I think you should off load the processing work. Look into running a
remote clamd/spamassing, or setup multiple mail hubs jms has a guide on
that at http://qmail.jms1.net

I agree he needs to offload, but the jms1 way seems very cumbersome.

We have sendmail boxes as front line, that do all the pre-connect tests easily without adding in 35 patches like we have to make qmail modern-ish and then anti virus/spam/phishing/etc tests, one important factor is the milter smf-sav which asks the database server (we call) "qmaster" (a vpopmail/mysql db server) if user exists to avoid backchatter, if it does, then sendmail sends to "qrouter" which is a simple qmail/vpopmail install that accepts the mail and puts it into the users dir (which are NFS attached) all the nfs stuff and qmaster and qrouter all operate on pvt address space, on second gbit port for added protection, but of course could be run on live net interfaces if you dont have the option of dual ethernet.

(we tried postfix with its remote recipient verification, but it cant handle the loads and even its author recommends not to use on very busy systems, we dont use qmail on the front line boxes because we dont have to fear breaking patches trying to incorporate RBL, SPF, SAV, DNS checks, badmx zone checks, bad helo, force helo, and milter-regex to stop all home users etc etc etc, sure we might end up geting qmail to do all these, but after how many hours, when with sendmail its just there and adding a milter after another milter cant break patching like with qmail :) )


Reply via email to