Email Server Solution

Steve Buehler steve at ibapp.com
Thu Jul 28 15:22:12 UTC 2005


	I had to resend this because the list software didn't like the 
Subject.  Anyway, here is the email.
	We are running multiple RedHat boxes.  Anywhere from 7.3 to RHEL ES 
4.  Each server has between 1 and 300 sites on them.  I am trying to 
find out a solution to a problem that we are having with AOL and 
RBLs.  We have come to the conclusion that we will need another 
server just for email.   That defeats the purpose of our Ensim 
Control panel that we use since it isn't set up to allow for multiple 
servers to separate out the email.
	To get blocked, all it seems to take is one client that has a virus 
on his computer sending out through his email account and our whole 
server gets blocked because all sites' email always goes out from the 
main server's IP address, not the IP address of their 
domain/account.  It would be nice if email would appear to come from 
the IP of the domain and not the IP of the server itself.  That way 
we could at least narrow down which domain is causing the problems.
	All of our servers that we have are dual processor XEON's with 2 gig 
of memory and SATA or SCSI drives, usually in RAID 
configurations.  If we try running SpamAssassin and a Virus Scanner 
on the servers for the email, it slows the servers down to a crawl at 
times.  I know there are providers that aren't having this kind of 
problems.  We would like to have ONE control panel where the customer 
can administer their sites including email.  That will mean that we 
will have to get rid of the Ensim Control panel because it will not 
allow for administering sites and email if they are on different 
servers.  Only two of our servers use the Ensim Control panel for 
clients.  The other servers don't have control panels but we still 
can't run SpamAssassin and/or a Virus Scanner on them for the email 
because it just slows the he** out of them.
	We don't allow spammers on our systems and greatly hinder the 
ability to have mailing lists.  We allow them, but we check out to 
make sure they are double opt in and we know most of our clients 
personally.  The latest block from AOL is from a server that doesn't 
even send out email because the program for the store that is on 
there is not completely written yet and the email part is not even 
started yet.  Apparently, from what we can gather, a spammer is 
using the ONLY domain name that is on it as a return address.  I have 
even shut off email programs on it completely just to make sure.  It 
has not been hacked that we can see and all of our servers can only 
be SSH'd into from 2 IP addresses.  Telnet is turned off.  I don't 
allow any client to ever SSH into their accounts.  I won't even give 
the bosses and owners the root password or access to them for 
SSH.  All IPs but 2 are blocked at the main firewall and the 
firewall that is on each system.  It is not impossible that one of 
our servers were hacked, but it is very very unlikely especially for 
the one that has the incomplete store software on it and no other 
sites.  I do realize that being blocked because of a spammer that is 
using one of our domains for a return address is something that we 
can't do anything about.
	Any help and suggestions would be greatly appreciated.

Thank You and Vote for the Death Penalty at your next election for 
anyone who is caught Spamming.
Steve



