Archive for the ‘Computer stuff’ Category

SpamAssassin 3.0 released

Saturday, September 25th, 2004

SpamAssassin 3.0 has been released. A few configuration settings have been removed and replaced by other keywords in this release. This affects phpsaadmin a bit. The rewrite_subject configuration setting does not work in SA 3.0.

I will update phpsaadmin in the near future so it is compatible with SA 3.0.

New SpamAssassin on the way

Tuesday, August 31st, 2004

Keep your eyes out for SpamAssassin 3.0. If all goes as planned, it is going to be released on 9/9.

Windows XP SP2 is out

Monday, August 9th, 2004

You can download it here. There are some links of interest at Michael Swanson’s Blog.

At the moment it is only available in English and German.

Poor mans load balancing with Linux

Wednesday, August 4th, 2004

If you do not have your own block of IP addresses and BGP routing between your different ISPs, then it is a bit tricky to do load balancing with Linux.

The problem can be divided into two parts: incoming and outgoing traffic.

Outgoing traffic

There are a few ways to split the traffic between multiple lines. One way is to add multiple gateways with the ip command.

ip route add default scope global equalize nexthop via "gw1" dev ethx weight 1 nexthop via "gw2" dev ethy weight 1

This is the simplest method, but it has some problems. It confuses some servers that track the IP address of the user (HTTPS is one example).

Another way is to split the traffic by protocol. You mark the packets with iptables and then use “ip” to route the different protocols to different lines.


ip rule add fwmark 1 table 100 pref 1000
ip rule add fwmark 2 table 200 pref 1000
ip route add table 200 scope global nexthop via x1.x2.x3.x4 dev ethx
ip route add table 100 scope global nexthop via y1.y2.y3.y4 dev ethy
iptables -t mangle -A PREROUTING -i eth0 -p tcp --dport 22 -j MARK --set-mark 1 # ssh
iptables -t mangle -A PREROUTING -i eth0 -p tcp --dport 443 -j MARK --set-mark 1 # https
iptables -t mangle -A PREROUTING -i eth0 -p tcp --dport 110 -j MARK --set-mark 2 # pop3

If 99% of your traffic is http, then this method works poorly.
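The effect described above can be checked with a small model of the fwmark rules. This is an added example, not part of the original post: the traffic sample is constructed, and sending unmarked traffic out on ethx (the main table's default route) is an assumption.

```python
# Added example: a model of the fwmark policy routing above, not a router config.
from collections import defaultdict

# Mangle rules from the post: (protocol, destination port) -> fwmark
MARK_RULES = {("tcp", 22): 1, ("tcp", 443): 1, ("tcp", 110): 2}

# "ip rule add fwmark N table T" from the post: fwmark -> routing table
RULE_TABLE = {1: 100, 2: 200}

# Routing table -> outgoing line (the post routes table 100 via ethy, 200 via ethx)
TABLE_LINE = {100: "ethy", 200: "ethx"}

# Assumption: unmarked packets follow the main table's default route via ethx.
MAIN_LINE = "ethx"


def line_for(proto, dport):
    """Return the line a packet leaves on, given protocol and destination port."""
    mark = MARK_RULES.get((proto, dport))   # None means the packet is unmarked
    table = RULE_TABLE.get(mark)            # None means no fwmark rule matched
    return TABLE_LINE.get(table, MAIN_LINE)


def load_share(flows):
    """flows: iterable of (proto, dport, bytes). Returns {line: fraction of bytes}."""
    totals = defaultdict(int)
    for proto, dport, nbytes in flows:
        totals[line_for(proto, dport)] += nbytes
    grand = sum(totals.values())
    return {line: n / grand for line, n in totals.items()} if grand else {}


# Constructed traffic sample (not measured data): HTTP dominates.
SAMPLE = [
    ("tcp", 80, 9900),   # http, unmarked
    ("tcp", 443, 50),    # https, mark 1
    ("tcp", 22, 20),     # ssh, mark 1
    ("tcp", 110, 30),    # pop3, mark 2
]

if __name__ == "__main__":
    for line, share in sorted(load_share(SAMPLE).items()):
        print(f"{line}: {share:.1%}")
```

The rules match on destination port only, so anything sent to TCP 22 or 443 lands on the mark 1 line regardless of what it carries, while UDP to the same ports stays unmarked.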

A third method is to bind multiple NICs to one virtual NIC with teql. This method works best with normal Ethernet and not your internet connection.

I am a network administrator at a site with about 900 residential users and we use the method with fwmark to route all “serious” traffic on one line and all other (mostly p2p) to the other line.

Incoming traffic

With this type of traffic you need to be creative with DNS.

Links of interest:

http://lartc.org/lartc.html
http://www.docum.org/docum.org/

Spamblog RBL

Saturday, May 22nd, 2004

I get some spam in my comments on this blog and therefore I began to look for an RBL system to integrate with WordPress. Unfortunately I could not find one, so I decided to write it myself. The downside of this is that I only have a small number of IP addresses of spammers that abuse the comments sections of the blogging software.

To make the system more effective I need more data and this is where I need you. Please report abuse of your comment section.

For more information see http://www.aub.dk/~misak/spamblog/