smtp proxy

On 4/28/2008, Nasser Heidari ([hidden email]) wrote:
> I need a high-performance transparent SMTP proxy.
>
> Please recommend me the best smtp-proxy for use.

Postfix does a remarkably good job all by itself to eliminate spam, but
a really good smtp proxy is ASSP:

http://assp.sourceforge.net/

and

http://www.asspsmtp.org/wiki/Welcome

--

Best regards,

Charles

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Charles Marcus wrote:
| Postfix does a remarkably good job all by itself to eliminate spam, but
| a really good smtp proxy is ASSP:

ASSP is great, and I also like Hermes:
http://www.hermes-project.com/


- --
Arturo "Buanzo" Busleiman
Reliable inter-continental Mail Relay Service - Ask me!
Independent Security Consultant - SANS - OISSG
http://www.buanzo.com.ar/pro/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIFfL6AlpOsGhXcE0RCp9EAJ9VPj+ad5qX/Hxcmr5nVjkDojYAsACfdJVO
OoR1KTAI8p3G8Sej4zjXiZM=
=buse
-----END PGP SIGNATURE-----

On 4/28/2008, Arturo 'Buanzo' Busleiman ([hidden email]) wrote:
>
> ASSP is great, and I also like Hermes:
> http://www.hermes-project.com/ 

Cool, hadn't heard of hermes... thanks for the tip...

--

Best regards,

Charles

Hello,
Thanks for your answer,
ASSP is a good idea, but I read here:
http://www.asspsmtp.org/wiki/Is_ASSP_for_me%3F  it should work well with
between 1 and 300 client addresses and a mail volume of up to around 100,000
messages per day.
But I have about 2000 messages per minute.
Can you recommend other SMTP proxy for me?
And are there any other ways to control outbound spam transparently?

Thanks a lot .

-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Charles Marcus
Sent: Monday, April 28, 2008 19:15
To: [hidden email]
Subject: Re: smtp proxy

On 4/28/2008, Nasser Heidari ([hidden email]) wrote:
> I need a high-performance transparent SMTP proxy.
>
> Please recommend me the best smtp-proxy for use.

Postfix does a remarkably good job all by itself to eliminate spam, but
a really good smtp proxy is ASSP:

http://assp.sourceforge.net/

and

http://www.asspsmtp.org/wiki/Welcome

--

Best regards,

Charles

On Tue, Apr 29, 2008 at 08:54:29AM +0330, Nasser Heidari wrote:

> ASSP is a good idea, but I read here:
> http://www.asspsmtp.org/wiki/Is_ASSP_for_me%3F  it should work well with
> between 1 and 300 client addresses and a mail volume of up to around 100,000
> messages per day.
> But I have about 2000 messages per minute.

What sort of inspection do you need to perform? The performance of an
SMTP proxy depends almost entirely on its internal workload...

The proxy I use ranges from ~12 msgs/sec when configured with the most
aggressive plugin filter setting, ~30 msgs/sec in a more practical
configuration and ~1000 msgs/sec when just passing traffic uninspected.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

On Tue, 29 Apr 2008 at 08:54 +0330, [hidden email] confabulated:

> Hello,
> Thanks for your answer,
> ASSP is a good idea, but I read here:
> http://www.asspsmtp.org/wiki/Is_ASSP_for_me%3F  it should work well with
> between 1 and 300 client addresses and a mail volume of up to around 100,000
> messages per day.
> But I have about 2000 messages per minute.
> Can you recommend other SMTP proxy for me?

You haven't mentioned what kind of hardware you are using.

Here, our primary filter server (where all MX's pointing to) we are using
a Dell PowerEdge 6850, 4 x 3Ghz Intel Zeon with 12Gb ram. With
Postfix/SpamAssassin/ClamAV, the server processes over five(5) million
messages per day with almost near Postfix default settings. The OS is
FreeBSD 7.0 AMD64. The last CPU load average recorded was:

   +---- Load Average ----+
   |   1m |    5m |   15m |
   +----------------------+
     2.330   2.374   2.361

This server also serves as the main MySQL server for filtering. It has
been able to handle over 120 queries per second.

> And are there any other ways to control outbound spam transparently?

The same server mentioned above runs a separate instance of Postfix for
outbound sending using policyd to throttle customer sending for
approximately 600 domains. I could toss SpamAssassin and ClamAV into the
outbound loop, but don't need to at this time.

I want to inspect emails for spam!
Let me know what proxy software you use?
By the way, my second problem is I'm afraid if I redirect all my SMTP traffic
to one server (proxy), may be its IP address get into blacklist!!!


-----Original Message-----
From: [hidden email] [mailto:[hidden email]]
On Behalf Of Victor Duchovni
Sent: Tuesday, April 29, 2008 08:05
Cc: [hidden email]
Subject: Re: smtp proxy

On Tue, Apr 29, 2008 at 08:54:29AM +0330, Nasser Heidari wrote:

> ASSP is a good idea, but I read here:
> http://www.asspsmtp.org/wiki/Is_ASSP_for_me%3F  it should work well with
> between 1 and 300 client addresses and a mail volume of up to around 100,000
> messages per day.
> But I have about 2000 messages per minute.

What sort of inspection do you need to perform? The performance of an
SMTP proxy depends almost entirely on its internal workload...

The proxy I use ranges from ~12 msgs/sec when configured with the most
aggressive plugin filter setting, ~30 msgs/sec in a more practical
configuration and ~1000 msgs/sec when just passing traffic uninspected.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

On Tue, Apr 29, 2008 at 09:23:22AM +0330, Nasser Heidari wrote:

> I want to inspect emails for spam!

This is too vague, everyone wants to inspect email for spam. What
inspection methods/engines do you want to use? Is the proxy required
to be an after-queue content filter or a pre-queue proxy filter?

I use a commercial filter integrated into the Proxy via a dynamically
loaded module that encapsulates the commercial filter API. The proxy
will be open, the (plugin) spam filter module I use will only be useful
to those who buy the vendor product.

> Let me know what proxy software you use?

It is not yet publically released. Want to help with documentation? If
someone can polish the docs, I can accelerate the release. The proxy
in question is postqueue-only. The I/O code expects Postfix to prevent
absurdly long logical headers or physical body lines.

> By the way, my second problem is I'm afraid if I redirect all my SMTP traffic
> to one server (proxy), may be its IP address get into blacklist!!!

This betrays significant confusion on your part... You may be better off
with pre-integrated commercial software/appliances. The open-source tools
give you more control, but may require more skill to integrate.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.