Something about servers, moving sites, and greylisting as anti spam

I never wrote a lot about the few servers I manage already for some time. Since half November there was a brand new server for hosthuis.nl to replace mostly the current server.
The current server is a nearly 3 year old box, that hosts several pretty well known sites, like www.phpbb3styles.net and www.phpbbmodders.net, besides the own sites from hosthuis.nl.

To make full use of the brand new server (Which is a quad core XEON with 6GB RAM) I decided to use KVM to virtualize several VMs on this server. At the current server, its just one server, with nothing else. The new server will have several “mini” servers (Its not really mini, some of them, like the web and mysql VMs, have better specs as the current server :D), to make sure all hardware is really used.

The current setup now basicly only has 3 VMs, 1 just for what the current server does, minus MySQL, (The current server uses Direct Admin, so web, mail, dns, and some other services), one VM for just MySQL and one for internal stuff and the hosthuis site.

With this brand new server there are several new things used at the server to make sure all services that hosthuis provide still maintain a good level of quality, but also to prevent security issues happening. One things here is the number of spam emails we receive at a day.
A few months ago, we were only doing some basic filtering with spamassin. At that moment, we received over 480K (thats over 40K a hour) spamemails a day. At that moment, we decided to filter on rDNS as well. With this, we got the number of mails down to around 20K a hour. Thats a difference of more then 50%, a lot.
But its still a  lot email thats received, and running a spamfilter takes some CPU, that can be spent better. A few months later we decided to use some RBLs At that moment, the spam was raised a bit again, to around 25K a hour. With enabling RBLs it was decreased to less then 5K a hour. This was a major improvement, 80% less emails a hour, so a lot more free CPU.

Hower, at the new server we now we still thought it was a bit to much. The stats I currently have are a bit off, so dont take me into these stats yet :). Not all sites have been moved to the new server, and there are some new anti-spam measerements at MTA level compared to the old server, so I cant compare it really, but yesterday, before I enabled greylisting, I had around 1.8K of spamemails a day that were accepted. Today I enabled greylisting, and the stats till now look very promising:

web:~# greylist stats
Statistics since Thu Dec 24 12:59:53 2009 (7 hours and 8 minutes ago)
———————————————————————
25 items, matching 2027 requests, are currently whitelisted
0 items, matching    0 requests, are currently blacklisted
277 items, matching  277 requests, are currently greylisted

Of 25 items that were initially greylisted:
– 25 (100.0%) became whitelisted

–  0 (  0.0%) expired from the greylist

This is a huge amount again thats filtered out of the total spam list, what hopefully causes again less spam to be filtered by spamassin, what just takes a lot CPU, and that with only a few edits to the exim config.

2 thoughts on “Something about servers, moving sites, and greylisting as anti spam

Leave a Reply

Your email address will not be published. Required fields are marked *