Firewall Wizards mailing list archives
Re: Cisco PIX Version 6.3(3) SMTP Problem
From: "Paul D. Robertson" <paul () compuwar net>
Date: Wed, 6 Jul 2005 18:39:03 -0400 (EDT)
On Thu, 7 Jul 2005, Devdas Bhagat wrote:
This depends on a lot of factors. In particular, the skillset of the administrator. Email administration does not take so much time, as skill.
Yes, but unless you're having problems, it's pretty much a fire and forget thing.
http://nixcartel.org/~devdas/minute.png just to contrast with your numbers below. These systems are CPU bound. About half that is DNSBL, a quarter is unknown user and the rest is other checks. And that graph is from last August. There is no major content filtering (only some header, mime_header and body checks).
Nice, the system I talked about delivers between 20,000 and 35,000 messages per day. I'm considering graphing it out, but haven't had the time to parse the message I get and lump it into something useful.
Was this an "accept everything and then bounce" setup? People should know better than to leave systems like that on the Internet today.
It wasn't. I've got one of those, it's just fine- though pre-mailfilter, I was considering locking it down by recipient.
Nice. If you have the time, plug in mailgraph there, it generates pretty graphs.
They're not big on graphs, which is why I hope to work with them a lot more in the future!
Do they really need the secondary? Spammers tend to attack secondaries far more often than primaries, and most secondary MX servers serve no useful purpose today.
Unfortunately, they do- they're a service provider.
Generally what's left over is easy to filter with just about anything, so I'd say my experience mirrors yours in that basic protections nail the majority of the bad stuff. For my personal stuff, I just run it all through Mailscanner and clean out the rejected piles from time to time. I've updated my rules three times this year. I've seen about 20 spam messages that didn't get caught by filters, I used to see 3x that a day on *good* days.I wish I was that lucky. I get about 40 UBE a day sent to my forwarding accounts. Stuff sent directly here doesn't make it through though.
Oh, I have accounts that aren't that good, but I don't control the mailserver on those, or I don't set the policy. But this account has been doing pretty well. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Cisco PIX Version 6.3(3) SMTP Problem, (continued)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Paul D. Robertson (Jul 06)
- RE: Cisco PIX Version 6.3(3) SMTP Problem David M. Nicksic (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Devdas Bhagat (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Paul Robertson (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem hermit921 (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Devdas Bhagat (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Paul D. Robertson (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Gregory Hicks (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Devdas Bhagat (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Paul D. Robertson (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Devdas Bhagat (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Paul D. Robertson (Jul 06)
- Re: Cisco PIX Version 6.3(3) SMTP Problem Devdas Bhagat (Jul 06)