From: Justin Fielding (justin_at_okulyillari.com)
Date: Sun 21 Nov 2004 - 01:41:03 GMT
Hi guys. I am posed with a rather strange and frustrating problem, I
hope that somebody will be able to point me in the correct direction. I
currently have a VPS (SW-SOFT VPS, not Vserver) running two websites and
their email. One site is a medium sized PHP site with an average of 5
people on-line at any time. This may peak at over 100 now and then, but
not for long or often. There are about 10 incoming aliases which only
receive a moderate amount of email (most of it spam) passing through.
The second site is a small HTML site with no database etc.. There is a
very small amount of mail passing through this domain.
The amount of incoming spam alarms me. I have taken all measures I can
to combat this. I run qmail-scanner with ClamAV protection and
SpamAssassin 3.0.2. On average I must receive up to 20 emails tagged as
spam (all scores over 20 are rejected at network level by
qmail-scanner), 50 from various mailing lists to which I am subscribed
and maybe 5-10 personal emails per day. I imagine one other account
would have this amount of traffic. Other accounts are simply taking
customer enquiries or order notifications. One big problem seems to be
that spammers not listed in the spamhaus or open relay databases are
connecting and performing dictionary attacks. All of these deliveries
to non-existent addresses are loading the server to the point where it
runs out of memory (scanning for viruses, which are often found in this
spam, plus spam tagging all takes place before the .qmail-default can
drop them to /dev/null. I have stopped sending bounce notices and have
also made sure any double bounce would go to null. Since doing this and
also compiling RBL rejection, the load has been less. I would like to
have qmail-smtp reject emails at a network level if the account does not
exist on that domain, unfortunately I cannot recompile qmail-smtp as
plesk uses a custom binary. Also, our server, from a website browsers
point of view is rather slow. It's not the connection causing this, it
is the server response. It would seem that the constant load put on the
mail services by these spam attacks is stopping the web side of things
from performing. This seems very strange. Our VPS package gives us
256MB of private RAM, and 15GB of disk space. It is supposed to be used
to offer hosting services to other companies, but I see it is struggling
with two sites!
I need to know whether our provider has just sold us a dud service (e.g.
the VPS is not performing in the way it is supposed to, maybe they are
overselling the physical host). The easiest way to do this seems to be
to find a low cost vserver provider, so that we could run email for our
domains on this vserver, and then shut-down email services on our VPS
and have this running only http and mysql services. If the performance
of email is better on the vserver, and the web services on the VPS are
not much better, we will know to discard with sw-soft's VPS concept and
also move our web server to a vserver package. If the vserver also
struggles with the email, we will have traced it to that. It can't be
any worse running on a dedicated vserver than it is running with Apache
etc on the VPS. We have had Apache and even SSH go down with 'out of
memory' messages, maybe due to the email, maybe not.
So the point to this is.. Can anyone recommend a good vserver provider?
I have seen some pretty expensive companies out there, they don't really
offer value for money. Then again I'm sure there are some who do. I
wouldn't want too much disk space (it would only be for email), I'm not
sure what the recommended RAM would be for a small mail server. For OS
I think RHE would be a stable choice. The current VPS we are on runs
FC1 and I am not so sure of it's suitability as a production system.
I know this is a little off topic, but I thought I would ask here before
I go off and google. I am aware of the massive effort put in to this
open source project, and many others. I hope that by asking for
recommendations here, I can help support those companies who support the
open source community, rather than those companies who just try to cash
in on it.
Thanks for your time,
Vserver mailing list