[Mimedefang] Performance Benchmarking / Experiances
John Scully
jscully at isupportisp.com
Thu Sep 25 15:18:00 EDT 2003
Because we are NOT allowing outbound mail through this filtering cluster
- it only accepts mail inbound to our 400 mail domains, so no relay
check is required, only a check of the recipients. Any recipient not on
our mail domains gets a relay denied response.
You (and everyone else who made basically the same response) did not
notice that this is an inbound only server cluster. Remember that the
normal sendmail setup with local-host-names and access.db sendmail ONLY
consults the access.db if the recipient domain is not in
local-host-names. If it is for "local delivery" it is not a relay. It
is possible to use it to control known spammer IPs, but most of the
traffic I am seeing is from random IPs.
The issue is one of relative performance - yes, access.db can be used
for "so much more", but it still does only what sendmail will do. By
putting the control in mimedefang I decide how to handle it. And since
I hit 400 messages per minute yesterday with no load issues I do not see
what I would gain by using access.db.
As to wasting bandwidth - because I am using filter_relay I only process
the envelope - the message is never received. This is exactly the same
result as using access.db, since it looks at every recipient and decides
if it is for local delivery or not.
Perhaps I should have been clearer about what we do - sendmail may be
set up as a promiscuous relay, but the mail server is rock solid. If it
is not for my domains it does not get through.
John
-----Original Message-----
From: mimedefang-admin at lists.roaringpenguin.com
[mailto:mimedefang-admin at lists.roaringpenguin.com] On Behalf Of Cormack,
Ken
Sent: Thursday, September 25, 2003 1:10 PM
To: 'mimedefang at lists.roaringpenguin.com'
Subject: RE: [Mimedefang] Performance Benchmarking / Experiances
Absolutely you should be using access.db!
If you can have access.db block a connection from and IP address, why
then
would you want to otherwise encure all the bandwith and computing
horsepower
receiving the message, picking it apart, parsing it, examining, scoring,
scanning, and whatnot, then to only decide "oh, it's just crap... throw
it
away."?
If you saw the stats I posted earlier, the mailstats output at the top
showed 9205 rejections, and 1327 discards for esmtp for just yesterday,
all
based on access.db on my system. That's 15000 more messages that I
would
have had to process, had they just not simply had the door slammed shut
at
the moment of connection.
Access.db can be used for SO MUCH more than that, too. You might
seriously
want to reconsider your decision not to use this powerful feature of
sendmail.
Ken
-----Original Message-----
From: Clayton, Nik [IT] [mailto:nik.clayton at citigroup.com]
Sent: Thursday, September 25, 2003 11:44 AM
To: mimedefang at lists.roaringpenguin.com
Subject: RE: [Mimedefang] Performance Benchmarking / Experiances
> On the filtering servers sendmail is configured as a PROMISCUOUS RELAY
> so that it is NOT using the access.db to control relaying. We use
> filter_relay in mimedefang to check against a black list of
> spammers...but that is not very effective. Most of the work
> is done in filter_recipient.
Why aren't you using the access.db? Sendmail will consult this, and
reject the message if necessary without ever needing to send data to
a milter. Doing IP/domain based blacklisting in MIMEDefang isn't
terribly efficient -- although it has other benefits (keeping the data
in external databases, for example).
N
--
1 1 2 3 4 5 6 7
7
0 0 0 0 0 0 0
5
-- The 75
column-ometer
Global Messaging, A: Who's there?
120 Cheapside, x83331 Q: Knock, knock
_______________________________________________
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
_______________________________________________
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
More information about the MIMEDefang
mailing list