| View previous topic :: View next topic |
| Author |
Message |
del
n00b
Joined: 16 Dec 2003
Posts: 5
Location: Catasauqua, PA, USA
|
 Posted: Wed Mar 17, 2004 9:57 pm Post subject: Linux Mail Server Test (Side By Side) |
 |
|
| My company is having a bit of a problem with SPAM and viruses, I've been tasked to solve this, but my boss would like to see it working before we replace Exchange Server. I made a basic setup that uses fetchmail to get my messages and a few other accounts from the exchange server, then run them through SpamAssasin. This works, but he's not impressed, and he wants to see an actual server working like it would in the real world. In other words he wants it running parallel to Exchange server so he can compare speed, virus scanners, etc. So both servers need to get all incoming messages, is this possible? Is it possible to do this with port forwarding and/or NAT, or do I need to do it with SMTP somehow? I've googled for similar situations but haven't had any luck... |
|
| Back to top |
|
 |
kashani
Advocate
Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco
|
| Posted: Wed Mar 17, 2004 10:26 pm Post subject: |
|
|
Rather than replacing Exchange with Linux, you may want to augument your system.
Let's say both machines are inside the firewall. You'd point port 25 to your new Gentoo server running Postfix (or other MTA). Postifx accepts the mail, does any filtering, and then uses its smtproute to send the processed mail to Exchange. Users continue to use Exchange for email. To test you might create a new subdomain and point it to Postfix which will process and pass to Exchange.
Spam and virus filtering are resource intensive and splitting it between two boxes like this is a nice solution. Also you can use smaller/cheap boxes for spam filtering and Exchange. And you don't have to change everyone's password or mess with the calendering if you use it. And if either box fails you can have the Postfix accept mail and hold it until Exchange comes back or just move Exchange back to being the publicly accessible mail server.
kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
| Back to top |
|
|
Chris W
l33t
Joined: 25 Jun 2002
Posts: 972
Location: Brisbane, Australia
|
| Posted: Thu Mar 18, 2004 12:16 am Post subject: |
|
|
You cannot reasonably run the two systems in parallel, with identical traffic flows, in a production environment.
You can set up as in the previous post without interfering with the existing traffic flow. To demonstrate it working you'd need a collection of spam and virus emails, as well as good emails, that you inject into the SMTP server destined for a test account in Exchange as if they'd come in normally. You can check that viruses get bounced, spam gets tagged, ham doesn't get tagged, and that the mail makes it into the Exchange box. You could even time, say, 1000 messages to get a performance feel. Bear in mind that any delay caused by Exchange is common to both systems and must be factored out - run the same test talking straight to Exchange's SMTP port.
_________________
Cheers,
Chris W
"Common sense: The collection of prejudices acquired by age 18." -- Einstein |
|
| Back to top |
|
|
del
n00b
Joined: 16 Dec 2003
Posts: 5
Location: Catasauqua, PA, USA
|
| Posted: Thu Mar 18, 2004 4:48 am Post subject: |
|
|
| I probably could have made myself slightly clearer in retrospect, Exchange is on its way out (Lisencing issues), and is going to be replaced by something. The ultimate goal is a webmail system for the majority of the (mostly computer illiterate) users who prefer Hotmail/YahooMail to their work accounts anyway, and IMAP access to those who prefer something more powerful. Calendaring is not an issue. Thanks for the replies though, if our plans were different they would be quite helpful. |
|
| Back to top |
|
|
kashani
Advocate
Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco
|
| Posted: Thu Mar 18, 2004 8:58 am Post subject: |
|
|
Ah, good to know. To be honest having the server in front of Exchange for a bit might not be a bad start to testing. You can get the spam and virus filtering sorted out and also get an idea of the load you're going to be dealing with. It'll be a good test to convinve you're boss that Linux is vaiable as well.
Depending on the number of users, I'd probably go RAID 1 for data safety, 1-2GB of ram which will help with filtering, and PIII or better. CPU is probably going to be the least important resource in your system.
I hate to recommend anything at odds with waht you're askign for, but truly running things is parallel is nex to impossible. I think putting the linux server in front will be the best test. POP/webmail/imap is pretty low key if you're got less that 100 users.
Feel free to post a bit more and maybe we can help you hash out a better plan.
kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
| Back to top |
|
|
del
n00b
Joined: 16 Dec 2003
Posts: 5
Location: Catasauqua, PA, USA
|
| Posted: Thu Mar 18, 2004 1:11 pm Post subject: |
|
|
The system needs to support approximately fifty users and the useful mail volume is quite low. The average user gets about 150 peices of spam a day, with some users getting as many as 500. Viruses are currently filtered by Norton on exchange, but the licensing plan used to purchase it has since become unavailable. Norton has reported over 6000 bounced viruses since the beginning of the year. The new mail server has RAID and 1GB RAM with an Athlon XP 2700+ processor.
How is the feasability of using a .forward file on a third PC to just forward every piece of mail to each of the two servers. The third PC would do no filtering, just forward the files. Setting up the third PC wouldn't be an issue, we have an abundance of spare/old PCs laying around, and it would only be in service for a week or two anyway. |
|
| Back to top |
|
|
kashani
Advocate
Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco
|
| Posted: Thu Mar 18, 2004 7:50 pm Post subject: |
|
|
Sending everything to a 3rd machine with local accounts that then forward a copy to the Exchange and Gentoo system would work.
Are you just going to do a compare of how many spams get blocked and virus trapped per system. If that's the test then the above would work well. Also would allow you to get webmail, fitlering hased out for your boss to look it. It's not especially pretty, but would work.
kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
| Back to top |
|
|
del
n00b
Joined: 16 Dec 2003
Posts: 5
Location: Catasauqua, PA, USA
|
| Posted: Thu Mar 18, 2004 9:15 pm Post subject: |
|
|
| Pretty's not important for now, as long as it works. Thanks for your help! |
|
| Back to top |
|
|
georwell
Guru
Joined: 25 Jun 2003
Posts: 430
Location: Uppsala, Sweden
|
| Posted: Thu Mar 18, 2004 10:36 pm Post subject: |
|
|
If you want to put spam/virus filtering in front of exchange. Look not further then mailScanner. Very powerful and very easy to use.
http://www.mailscanner.info |
|
| Back to top |
|
|
msalerno
Veteran
Joined: 17 Dec 2002
Posts: 1338
Location: Sweating in South Florida
|
| Posted: Thu Aug 26, 2004 5:32 pm Post subject: |
|
|
One more vote for MailScanner.
I have a MailScanner server sitting in front of my mail servers. It works great. Keep in mind that the bayes DB will need time to learn. Use razor2, dcc and pyzor. Also, to train your bayes db, you could check out:
www.spamarchive.org
ftp://spamarchive.org/pub/archives/submit/
It is a collection of spam that you can feed into your bayes database with: sa-learn --mbox --spam --showdots ./858.r2 |
|
| Back to top |
|
|
|
Networking & Security
