Email Server Solution

Ugo Bellavance ugob at camo-route.com
Thu Jul 28 16:06:18 UTC 2005 

Steve Buehler wrote:
>     I had to resend this because the list software didn't like the
> Subject.  Anyway, here is the email.
>     We are running multiple RedHat boxes.  Anywhere from 7.3 to RHEL ES
> 4.  Each server has between 1 and 300 sites on them.  I am trying to
> find out a solution to a problem that we are having with AOL and RBL's. 
> We have come to the conclusion that we will need another server just for
> email.   That defeats the purpose of our Ensim Control panel that we use
> since it isn't set up to allow for multiple servers to separate out the
> email.
>     To get blocked, all it seems to take is one client that has a virus
> on his computer sending out through his email account and our whole
> server gets blocked because all sites email always goes out from the
> main servers IP address, not the IP address of there domain/account.  It
> would be nice if email would appear to come from the IP of the domain
> and not the IP of the server itself.  That way we could at least narrow
> down which domain is causing the problems.
>     All of our servers that we have are dual processor XEON's with 2 gig
> of memory and SATA or SCSI drives, usually in RAID configurations.  If
> we try running SpamAssassin and a Virus Scanner on the servers for the
> email, it slows the servers down to a crawl at times.  I know there are
> providers that aren't having this kind of problems.  We would like to
> have ONE control panel where the customer can administer there sites
> including email.  That will mean that we will have to get rid of the
> Ensim Control panel because it will not allow for administering sites
> and email if the they are on different servers.  Only two of our servers
> uses the Ensim Control panel for clients.  The other servers don't have
> control panels but we still can't run SpamAssassin and/or a Virus
> Scanner on them for the email because it just slows the he** out of them.
>     We don't allow spammers on our systems and greatly hinder the
> ability to have mailing lists.  We allow them, but we check out to make
> sure they are double opt in and we know most of our clients personally. 
> The latest block from AOL is from a server that doesn't even send out
> email because the program for the store that is on there is not
> completely written yet and the email part is not even started yet. 
> Apparently from what we can gather is that a spammer is using the ONLY
> domain name that is on it as a return address.  I have even shut off
> email programs on it completely just to make sure.  It has not been
> hacked that we can see and all of our servers can only be SSH'd into
> from 2 IP addresses.  Telnet is turned off.  I don't allow any client to
> ever SSH into their accounts.  I won't even give the bosses and owners
> the root password or access to them for SSH.  All IP's but 2 are blocked
> at the main firewall and the firewall that is on each system.  It is not
> impossible that one of our servers where hacked, but it is very very
> unlikely especially for the one that has the incomplete store software
> on it and no other sites.  I do realize that being blocked because of a
> spammer that is using one of our domains for a return address is
> something that we can't do anything about.
>     Any help and suggestions would be greatly appreciated.
> 
> Thank You and Vote for the Death Penalty at your next election for
> anyone who is caught Spamming.
> Steve
> 

My suggestion would be to have 2 or more servers running MailScanner +
SpamAssassin in front of all your servers.  Have incoming and outgoing
e-mails going through it.  MailScanner will process the mail, then
deliver to the right server, depending on the domain.

There is a way to have the management interface for MailScanner
(MailWatch) centralized (one interface for all servers) for a small fee.

You can contact me offlist or have a look at the MailScanner mailing
list if you'd like to have more info.

Regards,

-- 
Ugo

-> Please don't send a copy of your reply by e-mail.  I read the list.
-> Please avoid top-posting, long signatures and HTML, and cut the
irrelevant parts in your replies.

More information about the redhat-list mailing list