Mailing List Archive

Federico Petronio wrote:

> Hi all... I would like to know if is there any document about hardware
> requirements for SA+Postfix.
>
> My organization receives about 3000 mails per hour on peek hours and I
> am not sure about what kind of hardware is needed.
>
> Currently the Postfix is running on a Sun Netra T1 but that computer
> also provides other services so I will set up a new box for SA (just
> like a "SPAM Firewall") between the real firewall and the Sun box.
>
> Do you think a AMD 2Ghz with 256Mb of RAM and IDE HD could do the work?

I think the processor and hard drive will be fine, but I'm pretty sure
you'd be far more comfortable with 512-1024 MB of RAM.

--
Aaron Gould
Parts Canada - Web Developer

I try and use dual CPU boards with IDE RAID and with 1Gb memory.

The dual CPU board means I can use MP chips, the IDE RAID keeps the file
store fast enough and with some safety. The Memory allows me to run a tmpfs
for processing the mail on.

Just my 0.02 pence worth.

Alan

-----Original Message-----
From: Federico Petronio [mailto:petrus@activesec.biz]
Sent: 11 March 2004 20:43
To: SATalk list
Subject: Hardware requirements SA


Hi all... I would like to know if is there any document about hardware
requirements for SA+Postfix.

My organization receives about 3000 mails per hour on peek hours and I
am not sure about what kind of hardware is needed.

Currently the Postfix is running on a Sun Netra T1 but that computer
also provides other services so I will set up a new box for SA (just
like a "SPAM Firewall") between the real firewall and the Sun box.

Do you think a AMD 2Ghz with 256Mb of RAM and IDE HD could do the work?

--
Federico Petronio
petrus@activesec.biz

So that works down to a little less than 1 per second (3000ph / 50pm /
.83ps )?

CPU is more than adequate, I'd use SATA raid with raptor (10k) drives
(overkill but at least use 7200rpm/8mb edition ata) but you need more ram
than 256mb if you multithread your SA. RAM is cheap right now I'd drop in
512m of ECC ram so you can run 5 threads at once. If you want extreme drop
it in using 2*256m ECC chips on a spread-spectrum memory board (nforce).

> -----Original Message-----
> From: Federico Petronio [mailto:petrus@activesec.biz]
> Sent: Thursday, March 11, 2004 2:43 PM
> To: SATalk list
> Subject: Hardware requirements SA
>
> Hi all... I would like to know if is there any document about hardware
> requirements for SA+Postfix.
>
> My organization receives about 3000 mails per hour on peek hours and I
> am not sure about what kind of hardware is needed.
>
> Currently the Postfix is running on a Sun Netra T1 but that computer
> also provides other services so I will set up a new box for SA (just
> like a "SPAM Firewall") between the real firewall and the Sun box.
>
> Do you think a AMD 2Ghz with 256Mb of RAM and IDE HD could do the work?
>
> --
> Federico Petronio
> petrus@activesec.biz

Something else you might want to consider. Instead of one horribly fast machine why not buy two machines and run them in a load balancing/failure environment. You'll have the fault tolerance and performance as well.


Our original production environment took about 2 seconds per message to process through our system (postfix, sa 2.63 w/most of the major rulesets and Vexira a/v scanner) unless it is rather large. About 3 seconds a message when it is concurrently processing multiple messages. When we had 256mb's of ram we would see a few messages in the queue. Upgrading to 512mb's seemed to help a lot. The production environment (which was retired not to long ago) was a set of Toshiba 7100s (PIII, 450's with 10gb ide drives ATA 66 at best).

Our current environment is a set of servers running linux-ha using an internal shared NFS partition. Only one machine is active but the NFS stores the SA rules, virus definitions and mail queues. It is configured in such a way that if the primary machine fails then the secondary will startup and take over the queue. The new machines are P4 2.4 (non-hyperthreading) with 1gb ram, 40gb ata 133 primary drives. I think the total cost per machine was around $450 when we bought them. Since the implementation we have only seen a queue once and that was because it was a listserver that was screwed up (listserver admin was a hotmail user the hotmail account was full so each bounce generate a bounce generating a boumce, etc...) Even with the bounce SA was processing about 10 incoming messages per second (12k messages in about 15 minutes). during this event we had a ~500 messages in the queue. Setting a postfix DROP rule stopped the problem and the mailq cleared in ~3 minutes (with the exception of outgoing which was bandwidth issue). Most of the slowness was because the desintation servers couldn't handle the load that the mailspoolers were sending them. This server also handles all of the outgoing traffic as well.

We have a similar configuration at another clients site that also works great.


-----Original Message-----
From: Todd Schuldt [mailto:tschuldt@ised.org]
Sent: Thu 3/11/2004 1:41 PM
To: 'Federico Petronio'; 'SATalk list'
Cc:
Subject: RE: Hardware requirements SA



So that works down to a little less than 1 per second (3000ph / 50pm /
.83ps )?

CPU is more than adequate, I'd use SATA raid with raptor (10k) drives
(overkill but at least use 7200rpm/8mb edition ata) but you need more ram
than 256mb if you multithread your SA. RAM is cheap right now I'd drop in
512m of ECC ram so you can run 5 threads at once. If you want extreme drop
it in using 2*256m ECC chips on a spread-spectrum memory board (nforce).

> -----Original Message-----
> From: Federico Petronio [mailto:petrus@activesec.biz]
> Sent: Thursday, March 11, 2004 2:43 PM
> To: SATalk list
> Subject: Hardware requirements SA
>
> Hi all... I would like to know if is there any document about hardware
> requirements for SA+Postfix.
>
> My organization receives about 3000 mails per hour on peek hours and I
> am not sure about what kind of hardware is needed.
>
> Currently the Postfix is running on a Sun Netra T1 but that computer
> also provides other services so I will set up a new box for SA (just
> like a "SPAM Firewall") between the real firewall and the Sun box.
>
> Do you think a AMD 2Ghz with 256Mb of RAM and IDE HD could do the work?
>
> --
> Federico Petronio
> petrus@activesec.biz

úÄÒÁ×ÓÔ×ÕÊÔÅ

On Thu, 11 Mar 2004 17:42:44 -0300
Federico Petronio <petrus@activesec.biz> wrote:

> Hi all... I would like to know if is there any document about hardware
> requirements for SA+Postfix.
>
> My organization receives about 3000 mails per hour on peek hours and I
> am not sure about what kind of hardware is needed.
>
> Currently the Postfix is running on a Sun Netra T1 but that computer
> also provides other services so I will set up a new box for SA (just
> like a "SPAM Firewall") between the real firewall and the Sun box.
>
> Do you think a AMD 2Ghz with 256Mb of RAM and IDE HD could do the work?
don't buy additional MHz, buy the RAM.

RAM 512-1024, CPU > 1.5 GHz

--
Korchmenuk Nickolay
12 Mar 2004 09:08:31