Hi all,
I work for a major email service provider. Our
management has asked us to investigate using iptables as "NAT engine"
for outbound mail.
The outbound mail is the only traffic the
server will see. No inbound mail, web, etc. The machine(s) will have
a public facing NIC and a NIC for the internal LAN.
The machines will see over 1 million emails in a 24 hour period.
My questions are:
Can iptables handle this volume?
What modules, tables and rules to use to optimize iptables for this type volume? All of the mail is sent on the standard port 25. We need to optimize for quick deliverability. (I've read the man page and looked at TOS with the mangle table. I read somewhere that this only for udp.)
Is there a way to estimate how much hardware we would need for a given volume of mail?
Are there any use cases that I can show management?
Is there commercial support available?
We really want to sell this to management. We have gone through 2 major brands of commercial devices for NATting that aren't making the gradefor what we are paying. Any ideas and insights appreciated.
Thanks,
John
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
