[unisog] sendmail vulnerability / impact

H. Morrow Long morrow.long at yale.edu
Fri Mar 7 17:43:54 GMT 2003


We handle over a million message each day on our central mail relay servers.
They already handle most of the inbound email for Yale (approx. 20,000 users).
Adding a few more messages to be relayed to a small Unix lab server in the
sciences is not going to substantially change that.

We currently have four servers just providing mail relaying in and out of Yale.
They are fully redundant and can be replaced easily.

There are separate POP/IMAP servers for both central and the medical campus.

Actually we find that the smaller mail servers have the most problems
and are the least reliable (running out of disk space, lacking patches,
bouncing messages, relaying spam, etc.).  These are in the 1 to 25
person range and only support a small group or lab however, very few
departments run their own mail servers anymore.

H. Morrow Long

Mitch Collinsworth wrote:
> On Fri, 7 Mar 2003, H. Morrow Long wrote:
> 
> 
>>We have a plan to block all TCP port 25 traffic into our campus network
>>beginning this summer.  We are just in the planning stage.  We plan to
>>offer MX records for any hosts/departments who insist that they need to
>>run their own Email servers and receive email on them.  The MX records
>>would provide for automatic relaying via our main campus email relays.
> 
> 
> Just an observation but as a departmental admin I would hate being
> forced into this model.  Maybe your central mail servers are more
> stable than they are here but our central mail service has a LOT
> more downtime events than our departmental mail server.  I know the
> folks that run our central service and they're good competent folks,
> so it's not merely an issue of sysadmin incompetence.
> 
> My best guess is it's more of a scaling issue than anything else.
> Running a mail service for several tens of thousands of users has
> got to be a lot harder than running one for 500 users.  Making the
> higher reliability service dependent on the lower reliability service
> is poor engineering.
> 
> -Mitch




More information about the unisog mailing list