I am seeking advice. My company is looking into setting up a spam/virus filtering system. The plan is to use open source software such as spamassassin to filter the mail. The issue is the number of e-mails recieved during peak hours requires that we have multiple servers filtering. We were thinking of a 3 teared system with recieving servers on the front, filters behind that, and a third layer which would simply store the e-mail for pickup. The company currently has some 2000 accounts unfiltered that will be migrated. These accounts recieve anywhere from just a few to a few hundred e-mails a day. This number could double in the next few years and we would like to be scailable to expand with it. Let me know any thoughts you guys might have or any software packages that have worked for you in the past.
Using bunch of RBLs + discarding emails which are not RFC comlaign would significantly lower your inbound junk and you will not burn servers with spamassassin... also, depending of your email system you can kill smtp conversation if target user is not existing, thus lovering noice rate and saving servers from loads.
www.n3v.net provides affordable system administration and support to companies and individuals with dedicated and colocated servers
Thanks guys... Had put some thought into the rfc compliance filtering however the main issue I see is being able to maintain the open connection until the mail is scanned. This allows you to drop connections as apposed to the exim configuration which does bounce-back. I would rateher hold the connection opened. I have not found a piece of software that would do something like that by default. Procmail might work but the configuration is near imposible.
If you've got the money, BorderWare offers a line of "email firewalls" (the MXtreme) which are not cheap, but offer incredible performance.
Failing that, do as Victor suggested above, and set up as many RBL and sanity checks at SMTP time as you can, to avoid having to process mail that has a 0% chance of being legitimate. Spam and, particularly, antivirus scanning are what consume the most system resources, so you want to avoid as much unnecessary scanning as possible.
redpin.com - offering amazingly competent email, dns, and web hosting since 2002... because someone has to!
Because Simple Things Should Be Simple - YouCANHasDNS