[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IMPORTANT: your message to html-tidy

On Tue, Sep 09, 2003 at 11:42:20PM -0700, Steve Lamb wrote:
> On Wed, 10 Sep 2003 15:32:14 +1000
> Craig Sanders <cas@taz.net.au> wrote:
> > On Wed, Sep 10, 2003 at 04:17:22AM +0100, Karsten M. Self wrote:
> > > On your own system, for your own use, sure.  For general use?  Nope --
> > yes, definitely for general use.  it's just as effective for general use as
> > it is for my personal use - in fact, if more people did the kind of stuff
> > that i do then there wouldn't be a spam problem, because the spammers would
> > just give up and go home.
>     Wow, makes you wonder how the Taiwanese would send email to each other!

well, duh.  i can't be certain of this, of course, it's just a suspicion but
maybe the taiwanese would choose not to use taiwan.blackholes.us.

they'd use whatever anti-spam methods they felt were suitable for their
environment.  as do i.

> > doing stuff like this is what it takes to have a (mostly) spam-free
> > mailbox.  nothing else works.
> SA works.  Your mistake is that you presume that if it touches SA it equals
> being accepted.

no, i do not that assumption.

i *choose* to configure my servers in this way because i feel that it works

you're free to choose differently if you so desire.

> > if anything, they complained when i switched from using a lot of
> > body/header checks rules to using SA instead - they didn't like the fact
> > that spam which used to get blocked was now being identified & tagged by SA
> > and delivered into their mailbox instead (it was necessary though, the body
> > checks rules were finding too many false positives because they are
> > effectively a "one-strike, you're out" system rather than a cumulative
> > scoring system). 
> That's why you run SA at SMTP and accept reject on that.  Anything over 8
> here is rejected.  At that scoring I get 2-3 spam a day which is tagged and
> filtered.  You said spam prevention was a hands-on process, might I suggest
> you do yourself, and your supposed clients, a favor and learn how to use the
> tools available to their fullest extent.

i'd be reluctant to do that on my home server.  the risk would be many times
greater on my work servers.....and, oddly enough, i care about little details
like whether my mail server is dying under the load or not.

also, part of the purpose for my home server is to trial things that i might
use at work.  accordingly, my home setup is very similar (but scaled down) to
my work setup....this is fairly normal AFAICT, i don't know any system admin
who doesn't do this.

so, if it doesn't scale, i'm not interested in it.  i'm generally only
interested in things that can scale up to large servers and heavy loads. 

> > > Running SA on modest HW with networking rules disabled can filter 20-40
> > > messages/hr according to Dan Quinlan (SA developer, personal
> > > conversation).
> > huh?  20-40 messages per hour is nothing....a barely noticable load on even
> > the crappiest & oldest hardware.
> > a modest system should be able to handle many thousands of messages per
> > hour.
>     Then may I ask why you brought up the whole issue of wanting to prevent
> mail hitting SA since it would *hand, staple, forehead* "overload my poor
> ancient hardware to the point of uselessness."  

because you have to design a system to cope with PEAK load, not minimal or even
average load.  if a system can't cope with (at least!) what it is going to get
at peak, then it is broken.  preferably, it should be able to cope with several
times the measured or estimated peak load and then some....otherwise it'll die
the first time it gets a DDoS attack or other unexpected event.  the internet
is a hostile network environment, and anyone who knows what they're doing plans
according to that fact.

also, you can not extrapolate linearly from a light, bursty load to heavy
sustained load.  that does not work.  the effects of sustained heavy load are
qualitatively different, not just quantitively.

when you get experience on real mail servers, you may begin to understand this.

> Make up your mind.

i have made up my mind.  what's more, i have the experience and knowledge to
justify my decisions.


Reply to: