On 1/23/08, Urban Hillebrand <[EMAIL PROTECTED]> wrote: > Hi list, > > I am thinking about putting thow OpenBSD boxes running spamd, CARP and > relayd in front of our primary MXes. I want to use them for greylisting > and tarpitting only (RBLs are not an option for us, as we are using a more > conservative approach on our postfix servers with policyd-weight - a host > has to be on at least 2 blacklists before dropping the connection). > > (1) We usually have 200.000 - 300.000 SMTP-connections a day, with peaks > of ~500.000 during outbreaks. Do you have any suggestions about HW sizing > for the OpenBSD box? It would be very helpful if you could share your HW > configuration and some numbers about the volume handled. > > (2) I plan to use CARP for failover, and relayd (hoststated) for spraying > SMTP-connections to our postfix servers. Those servers use different > interfaces for incoming and outgoing connections. Is it possible to use > CARP & relayd to service both "sides" of our SMTP servers (using 2 CARP > cluster addresses)? > > (3) I found several hints in the archives that some people believed to > have problems with spamd and SMTP servers using address verification, open > relay checkers, and some broken SMTP software. Does any of this still pose > a problem for you? > > > Any insights are really appreciated. > > Thanks in advance > -Urban > >
Urban, Bob Beck's presentation on spamd & pf should provide some useful insight as to how you could deploy a similar setup. I found the presentation(s) to be quite helpful a few years ago. http://www.ualberta.ca/~beck/nycbug06/ Kind regards, Luis
