iam working on mail server in redhat \centos.
i want to know how to secure my mail server for heavy loading , any monitoring tools in GUI or console , is any essential tool which is used in Like MNC for mail server..

i know few command in like top,netstat,etc through google but i willing to know some more

Hello,

Have a look at the following sites, they'll give you some ideas:
Effective mail server defense
Securing your installation

Kind regards,

Eric

Hello,

Are you talking about load balancing, or about more in general load security, ie. DOS, packet flooding, etc?

Cheers,

Josh

well corp, iam talking about checking all avtivities in mail server,starting form accessing mail server by client to loading on server every thing all that a mail server have...

If your wanting an already configured email server (and your distro is part of the RHEL family)

I use iredmail myself and never had any problems, it even stops relaying from unknown hosts.

I mean I was attempting to allow XAMPP on my working computer as such, all I do on it is use it for local dev work, it even blocked that from using its SMTP service, using Postfix (which I use all the time now).

Like it says in that guide from that link on howtoforge, it won't be perfect but it does setup the DKIM for you which is really good and I have never had many backscatter (probably all being fair, once in 3 months of my last system upgrade), it's really superb!

Though I don't like the new iRedadmin web interface for adding in Users, as all the email users are stored in a database, either LDAP or MySQL (can't remember if it allows for PostgreSQL, but from what I remember it might do), here is the link anyhow:

http://www.iredmail.org/

I have amended it using postfixadmin, as I prefer that admin page, you don't have to pay for that like you do with iRedadmin.

I vote for http://www.iredmail.org/ too !

It's a great package.

I mean with the Perl Policy for backscatter, I get it's principles, works out where the email is being forged from (the network it originates from, as mines somedomain.co.uk (just as an example), but since I am a DHCP server to my ISP it's actually virgin's email network), it sends it from their smtp address if the recipients is from another domain.

But if the mail address is being forged to mine and it originates from mine, comes back (the backscatter part), where as the email is actually coming from a seperate network to the forged email address comes back as non delivered then it rejects it from my network.

Also coupled with the new router OS I have installed I really think I have a very secure network, was looking at artists lyric sites for some stuff just out of interest and nothing came back with any spy/malware, it's really very good.

I use snort with seems to stop allot of my annoying Spam too, since I have enabled the relevant rules for this too, worth trying to see if you can use Snort with your existing setup!

Would you please elaborate on this concept? I thought Snort was an intrusion detection / packet sniffing application. If this is the same snort, how to you integrate it into your mail system? This sounds intriguing.

Yes of course I can elaborate (excuse me if I don't make much sense though, haven't had any sleep and its 5am in the morning here )

Yes you couldn't be more right, but on the elaboration of this, is that there's some rules for both smtp and pop3 aswell as phishing spam prevention.

I mean there's a router/firewall called pfsense I have installed on my old computer (used to run centos 4.8 on a while back), before I brought an old refurbished Dell DC7100 (just wanted to try and run centos 5.5 (before I upgraded to 5.6).

I now run Snort with a number of categories enabled in the Snort config web page, then enable those rules for both my web applications and my mail server, I mean it's decreased the number of spamming emails I have been getting for some reason, whether its coincidental or because of those rules I have enabled with Snort, I really don't know.

But it's worth giving it a go if you can?

But you do need quite a bit of system resources to allow for Snort to work, mines not quite up to par to having all the rules enabled but a certain selection on the no of open ports seems to work quite well.