SPAM & AV Stats

The mail server in the Gartner Web Development office receives a very low volume of over all incoming emails but our SPAM, or Unsolicited Commercial/Bulk Email is about the same, proportionally, to much higher volume servers. The Open Source software used in this particular configuration is scalable to volumes much greater than these.
Unsolicited Commercial/Bulk Email, or SPAM (representing 2.52% of incoming email as of May 1, 2007) is removed with 95.47% accuracy. (Based on 22,303 incoming emails with 8,652 SPAM and 189 viruses and phishing scams blocked by Spamassassin and ClamAV – Open Source SPAM filtering and Anti Virus software – with only 4 verifiable false positives over a 7 month period.) Undesirable email can then be held on the server or tagged as SPAM to be placed into your “Junk e-mail” box within your favorite e-mail client, (Outlook, Outlook Express, Eudora, Thunderbird, etc.). Viruses and phishing scams are safely quarantined on the server, never to reach a desktop within our organization.

I’ve got the Power!Worthless as a Microsoft NT 4 Domain Controller, this PowerEdge became a workhorse, thanks to the scalability and resource efficiency of FLOSS products.

Our configuration:

The Hardware:

Dell PowerEdge 4300

  • Pentium III Xeon 497.44 MHz processor
  • 511 MB RAM
  • 17 GB RAID 5 (hardware) Ultra2 Wide SCSI – hotswap
  • Triple redundant hotswap power supply(s)

The Software

  • Postfix – MTA – Postfix can be configured to bounce/discard email based on header checks and myriad other variables.
  • Dovecot – POP3/IMAP
  • ClamAV – Antivirus
  • Spamassassin – it really does assassinate spam – It plays nice with:
    • Vipul’s Razor – A distributed, collaborative, spam detection and filtering network.
    • DCC – Distributed Checksum Clearinghouse
  • amavisd-new – the middle man by which ClamAV, Spamassassin, and Postfix where integrated. Amavisd-new has many, many knobs, some of which allow further enhancement to email filtering.
  • Mailgraph to generate the nifty graphs. David Schweikert has some other interesting contributions to IT as well.

All of this was run alongside Apache 2.2, MySQL 5.0, PHP 5, and many other necessary packages and libraries on FreeBSD 6.2

Where did the nifty graphs go?

Because the high volume of traffic to our sites was saturating our puny internet pipes, all GWD Network sites have been transferred from our in-house servers to an external host. The hardware, as listed above, easily handled 100 plus hits per minute on the web server. Email for our domains are now being handled by Google Apps- incidentally, the amount of SPAM that reaches our desktop has not changed as Google does a decent job of filtering SPAM. Web hosting is now with 1 & 1. The rates are good, we get a ton of features, and we have CLI access for scheduling cron jobs and whatnot – Fedora Core 4 as of August 2007. No up-selling or “suggestive” sell when I buy or add new products or features and I’m not embarrassed to tell our more conservative customers where their site is hosted – one of several issues we had with our former client hosting at goDaddy.
You can see mailgraph in action at http://www.stat.ee.ethz.ch/mailgraph.cgi. It is an excellent lightweight tool for mail flow visualization.