SENTINIX as a Secure Mail Server Cluster

hatch

April 19, 2004

After reading a bit about the Sentinix GNU/Linux distribution, I wasn’t entirely interested because it’s described as a Linux distribution for network monitoring intrusion detection, penetration testing, auditing, statistics/graphing and anti-spam.

The anti-spam feature seemed to be a minor addition.

That is until I read an article about the current Sentinix release from November 2003 on NewsForge.

Ignore the title of the article too and scroll down to the middle of the page where they mention how the OpenMosix clustering enables it to be a Spam/Virus filtering super-computer.

Specifically, check out these quotes from the article:

“As a sysadmin I have frequently seen the need to add more processing power as e-mail traffic increases. The e-mail server is suddenly overloaded and a solution is needed immediately. With the typical system design, this is never easy, it is always tedious and expensive, and it generally causes down time. So, you follow a period of poor system performance by one of system outage.”

“But SENTINIX is on openMosix. You add a new computer to the network, boot it from the SENTINIX CD, and a node adds itself to the Cluster. In seconds the load is being taken up by the new “temporary” machine and the old server is back to running as intended.”

bknox: “So, you are just using the built-in load leveling of openMosix with these standard e-mail filtering applications? And the results?”

michel: “Thats right, SpamAssassin and MailScanner are processing intensive, use modest IO, and the e-mail handling generates several forked processes. We thought that this would be great fit for openMosix and it is.”

bknox: “OK, I know the theory. Processes automatically move to the available resources. But, the proof is in the results. What kind of test results have you seen?”

michel: “My tests are not rigorous or scientific, but sending a huge number of e-mails to a dual-processor (SMP) SENTINIX node plus one additional openMosix node will generally lower the workload on the dual-processor system and also finish the last e-mail more quickly (20-25% faster with no tuning or special consideration given to the cluster). I will share the details.”

It’s been awhile since the Sentinix distro has been updated, but the mailing list is fairly active — apparently with an upcoming release in the works!

Cool!