Re: [gentoo-user] Setting up SMTP relay

[kashani <kashani-list@badapple.net>]

On 1/23/2011 4:26 PM, Alan McKinnon wrote:
> Apparently, though unproven, at 02:02 on Monday 24 January 2011, kashani did
> opine thusly:
>
>> On 1/23/2011 12:20 PM, Alan McKinnon wrote:
>>> It manages it's own queues beautifully. But, and this makes me sad, it
>>> doesn't really want *me* to manage it's queues. Border controls are
>>> hard, and finding the 1,000 mails some idiot with a Windows bot just
>>> sent, and deleting them, is really hard.
>>>
>>> I'm redesigning our mail setup at work,a nd I'm going to do it with exim
>>> *and* Postfix. Exim is the front end I can see, work with, and manage.
>>> Exim sends on to Postfix as fast as it can, and Postfix transparently
>>> relays to recipient. I get best of both worlds :-)
>>
>> 	I can't say I've ever needed anything more than mailq | grep |awk  |
>> postsuper -d - in order to delete mail from the Postfix queues. What
>> sort of things are your trying to do other than delete a lot of spam or
>> bounces?
>
> First, our internal mail system deals with about 3,000,000 mails a day Mon-Thu
> so grep | postsuper is a tad inadequate, even if just on the basis of volume
>
> The basic tools are fine as long as you understand what they are dealing with
> - raw text. As soon as you run mailq you have text, you no longer have
> intelligence about what that text means. So you need lots of grep-fu.
>
> I can't control what the users mail out, sometimes they have automated systems
> that do silly things like send 10,000 notifications an hour to an SMS gateway
> when they cocked up Nagios. Finding the dodgy ones is no fun when there's a
> lot of perfectly valid ones in the mix too, and grep doesn't help much other
> than blindly selecting text matches.
>
> There's lots more examples, but they all follow a similar theme.
>

	Thanks for the extra detail, I found what you're describing very 
interesting. I've never dealt with Postfix with more than a couple 
hundred internal users and more often as spam our customers system. 
Other than the occasional Nagios blasts I haven't had to deal with much 
of this.
	In regards to controlling what users send is it feasible to use a 
policy server for rate limiting them? The ability to use an extra lookup 
service to decide whether to access main, filter it, allow relay, etc is 
one of the things I think Postfix does well. However I suspect the 
management and hand holding of a rate limit system would create more 
overhead than cleaning out the queue periodically.

kashani