We’ve been working on a reference design for a customer and have arrived at something that is pretty interesting. Our reference design allows large scale anti spam for service providers, scalable spam protection for enterprises and fully redundant antispam protection.

Mailspect Defense Antispam Reference Design for Large Scale Antispam Deployment

In this reference design we have Postfix handling SMTP relays and transports from LDAP. Each Postfix instance speaks remotely to mppd for policy services through a load balancer. Mppd handles STMP checks (per domain or per policy) WBL’s, Spamtraps, SPF, SMTP logging and AutoWBL’s at this level. The Postfix Policy Server of mppd is highly intelligent and works in tandem with the post-queue processor component of mppd. So for example, if we find a remote system is sending too much spam they are added to a dynamic blacklist and then cut off at the SMTP transaction.

After the SMTP session is accepted then Postfix, if required by the Stream Policy, Mailspect will send the message using the Postfix Content Filter protocol, to a pool of load balanced mppd servers.

All of the servers share common configurations and quarantine and settings databases so a new node can be quickly added for expansion.  A cluster like this can easily scale to many millions of messages a day with surprisingly sparse hardware.

Please ping me back if you have any questions or concerns!