Forums & Blog

Hi there,

can anyone help? i am currently hosting our email with shared hosting and it has smartermail with "DECLUDE" ... but i am about to change to dedicated hosting - the price of dedicated hosting includes smartmail but "NOT" declude.

Any advice really appreciated on a good way of incorporating an an antispam solution, i know smartermail has antispam but i wanted add additional spam protection (we get a lot!! :-) ). I don't want greylisting as is delays email.

Declude is an option but you have to buy a license and i was trying to keep costs down.

I also believe spamassasin is available (windows) as a free plugin but i notice in the BETA of 6.x it states its not recommended.

I would really appreciated any advice anyone can offer..

Also does anyone know a good Antivirus that can plugin into smartmail also

Any help really apprecaited

John

We have got Clam AV on our servers and got RBL's on which has cut down alot of spam mail.

The way i see it you could just go with the default SmarterMail antispam settings in 5.x if you are trying to keep costs down initially. The built-in spamd engine should be sufficient for low volume servers but is definitely a big no-no for large volumes as it tends to bog down the spool queue.

Going forward from what i can gather SmarterMail 6.x will come with additional built-in URIBL support and the SpamD engine will be replaced with a custom spamAssassin replacement engine that uses the spamAssassin ruleset. If that still does not cut it, then down the road you can always add-on declude/comtouch/sniffer/3rd party antispam tools.

As for the Antivirus I have not found any shortcomings with the built-in ClamAV engine considering it is free. It works quite well and there are really not much issues

Cheers

 I am not sure its the cheapest solution but by far is has been the most effective that we have found. We use multiple Linux based servers as inbound MX servers and outbound servers which off-loads all the major effort from SM. Of course you can do this with a single server. We have a large volume of inbound and outbound mail so we choose to do it with four inbound MX servers and two outbound servers. By setting equal priorities to the MX entries in our DNS we get excellent load balancing across all of our MX servers. Each server runs Exim, SpamAssassin, Pyzor, Razor, DCC, ClamAV and DynaWall. All these package are free and perform very well, and on the Linux platform, they are extremely stable. The net result is a 67% (on average) rejection of all mail before it even hits our SM server. We have been running this configuration for several years now and our customers love it.

it's not just about spam identification. If you really want to make an impact on your bad mail you need to look at:

Invalid Email Headers
Forged Headers
Invalid Helo
Invalid Helo Domains or malformed Helo domains
Reverse DNS issues
Sender verification
Pipelining
Recipient verification
Virus
Dynamic IP's
RBL's
And of course Spam identification

Using the excellent header identification features of SM we can easily tag inbound mail for processing by SM to be all inclusive of the many SPAM checks we perform on the external servers.

Our experience tells us that if we expect the SM server to perform the extensive checks of all inbound mail we perform, the server is doomed. The same holds true for outbound mail. Setting up gateways on outbound mail offloads a huge amount of work from the SM server. A scan of these forums over time is a testimony to the fact that attempts to have SM handle all this work will result in failure.

All in all, the SM server runs our mail services with no stress at all, and we process a few million pieces of mail/day not to mention mailing lists and other mail functions.

If your trying to get a really effective solution to reduce the amount of garbage hitting your SM server, not just from SPAM and viruses but from many other things, using the SM server to do it all is a complete waste of time. I'm not trashing the SM server, we love it. But it is not capable of being an all in one solution for todays mail issues. And as an added bonus, which nobody likes to think about, if our mail server goes off line for any reason, all inbound mail is held at the MX servers for delivery when the SM server comes back up. This makes updates and changes to the SM server less stressful and while mail may be delayed slightly to our users, nothing is lost of sent back.

GA

gascione

I am having the same issues as above....we are running three front end and one backend server in server 2003.  We are even been warned by urbl we are hitting them to much.  We are using declude with a license and I was just wondering your thoughts?  Should we go linux like above and if so how would you suggest that?  Does anyone out there that are using SM in a server 2003 environment that has a high volume of emails (about 800,000 a day) how are you running your server?

 Of course you have already figured out that we firmly believe that the solution we have implemented is the most cost effective, stable, and most effective solution available for large volumes of inbound email. We are not looking for any other solutions and have no plans in the future to deviate from our current configuration. SM 6 will just slid right into this configuration with virtually no changes. First of all ClamAv is just as good if not better than any commercially available AV solution so inbound viruses very rarely get through. The combination of initial server checks before even worrying about SPAM checking knocks out a serious amount of mail before you spend an ounce of overhead looking at the Email itself. Then the combination of SPAM engines and RBL's take care of tagging the rest of the SPAM.

Getting into this type of system is very easy. All it takes is a bare bones Linux server, or several of them depending on your level of mail. As I said, we process well over a million pieces of mail/day which excludes attempted deliveries that get rejected before even getting to the opportunity to send the mail. We use Debian because the Exim system is really native to Debian although this can be done with Postfix as well for people that like that MTA.

The rest is configuration can be a bit involved if you have never done it before. But I have always offered our Exim config files to anyone that wanted them. Once you instlall all the pacakages you can basically plug in the config into exim and customize a few lines and your off. We run our system on a Dell Blade 1655MC with 6 dual 1.4 Gig P4's and 2Gigs/blade. It happens to be what we had available coming off of another customer project. You can practically run this on anything. I helped somebody set up the exact same system we had and they used 6 old DL360's they purchased on Ebay for about $200 each. Works perfectly. The overhead is minimal and for the most part the servers have no load.

Another benefit is the ability to easily scale up the systems. You can start with one server and add servers as you go. Like I said, a very effective way to load balance inbound mail is to add multiple MX entries into your customer's DNS and set the priority to the same number. The way in which the MTA picks up the MX is random so over time you will see a pretty even traffic load. Also if one of the MX's is down, the others just take over the load.

The real amazing part is how smooth and quiet the SM server runs when you offload all the other crap. Our SM server is just rock solid.

You can easily test the waters by getting one old server somewhere, installing the base Debian Linux system. You can email me and I will be glad to outline the necessary software you must install and gladly give you the Exim config's. One word of caution, when installing Exim don't use the latest Exim versions. I will let you know which version to download and install. Exim made a major change to the way they organize the configuration files and we have not yet upgraded to that version. Just because we have not had to.

GA

 Thanks for the options, I think we may go that route and would need your help in the near future...

Don't forget SAVASM. We run the free VMWare server and SAVASM (also free) with excellent results.

 Good option as well but didn't work out for us. We found redundant hardware to be the best option for us. At one point we had 4 of our 6 machnes as virtual and had a failure on the virtual server taking down the MX relays. We replaced the virtuals with used blade servers giving us 6 servers in the same footprint as our VM however it was more reliable.

GA