Re: [AMaViS-user] FINAL DECISION: Will our machine handle it

Matt wrote:

>>
>>I'm sure you are aware of this Matt, but on your 2 gateway servers,
>>you MUST reject mail to nonexistent users. I don't know if or how you
>>are doing this now, but I've heard that use of a relay_recipients map
>>may be more efficient than LDAP queries, but of course this means that
>>programs have to be written to extract email addresses from LDAP
>>and load them into the map(s), and of course, this would have to
>>automatically happen on a regular basis.
>>
>>

> This thread was only referring to the introduction of amavisd into our
> network.

> Postfix is very well configured and has very restrictive
> smtpd_recipient_restrictions as well as helo_checks, sender_checks,
> recipient_checks, and the like. About 50% of the mail sent to the server
> is immediately rejected (without accepting it first). I assume that
> percentage will increase once postini is abolished.

This is all excellent, but as you describe it here, your server does
not reject mail to nonexistent users. Please correct me if I am mistaken
and it won't be mentioned again.

Unless you reject mail to nonexistent users at your gateway servers,
amavisd-new will have burn time, energy and CPU power processing each
and every one of these worthless mails, not to mention filling up your
deferred queues. Like I said, 83% of my mail is addressed to nonexistent
users. You have to find a way to reject this dictionary attack crap.

> The head relay servers (relay1 and relay2) will now takeover the exact
> configuration our existing mail server has. That way they continue to
> function as our current mail server does.

Your current server delivers mail locally, and the gateway
servers will relay mail, so at least in that respect, they must be
configured differently, but I think this is assumed.

>>>Depends what Matt meant by 'the remaining server' ie the 'other' 1U, or
>>>the LDA...

> I meant the remaining server for each situation. In other words, the
> domains that have relay1 setup as primary MX will have relay2 as
> secondary. The domains that have relay2 as primary will have the
> "remaining server" (relay1) set as secondary. That way its full
> redundancy if one goes down.

> The main mail server will ONLY accept incoming messages from the two 1U's
> Hope that clarifies.

It does, Thanks.
And like Clifton said, "Excellent plan; this is pretty much optimal."

> Regards,
> Matt

Gary V



-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/...fo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/