On Tue, May 11, 2004 at 07:21:15PM +0200, Michelle Konzack scribbled: > Am 2004-05-11 14:11:06, schrieb Marek Habersack: > >On Tue, May 11, 2004 at 10:49:47AM +0200, Bartosz Fenski aka fEnIo scribbled: > >[snip] > > >> It's not so easy. In fact checking GPG signatures when fetchmail > >> downloads mails will kill my machine. > >You don't have to do it when fetchmail is fetching them, I suppose. It could > >as well be done in your MUA, I think. > > I think, he was meaning, if he fetch the mail and check it for example > from the ~/.procmailrc gpg eats up all resources !!! Yes, that's what he meant. What I meant, OTOH, was that the check can be done by the MUA when it is visiting the mailbox/maildir - that is, on demand. > I have done this tooo on a PII/233 with 128 MByte memory... > But additional 'spamassassin' (bayesian) and 'f-prot' ;-) My condolences :) > They need for a 512kBit ADSL an PII/500 with 256 MByte minimum > if I get around 200 Messages in one time. Now I check the 176 > Mailboxex continously ! and it works quiet well, but if I have > a Line-Drop for some hours... I run in trouble ! Most of the checking should/would be done on the server (Bayesian filtering etc.), but your MUA could check the GPG/PGP sigs when you visit the folder on your local machine. That would take off a lot of load, since the server can do it more effectively (the mails aren't incoming all at the same time). > >> Right now after night I have to download about 200 mails. Bayesian > >> filtering + procmail takes my machine about 10-15 minutes to sort out > >> this. With GPG signatures I will have to get up one hour earlier ;) > >May I ask why aren't you filtering on your server? > > I have a dedicated $HOME Server which run 24/7 with nfs-user-server, > samba, netatalk, apache, proftpd, ssh, courier-(imap,mta,webadmin) Is the server the MX for your domain(s)? > Maybe a little bit to much for a PII/233 with 128 MBytes Hrm, I would say so :) > But it works generaly very fine... No problems with my 5 Workststions. that's good > >> Yes but there are less or more complicated filtering solutions. > >> Sure I can write very complicated rules for procmail + bogofilter > >> + spamassasin + gnupg checks + <put whatever you want>, but hey... every > >> check needs CPU power and harddrive access. > >You got that right, the programs you listed above can take all of your CPU, > >indeed :) But how about integrating PGP/GPG checking (not necessarily with > >gnupg) inside the spam filter? And rather not one written in Perl? > > Hmmm, i get per day between 3000 and 3500 Messages on my FileServer > with around 100 $USER and 176 Mailaccounts (fetched) That's not much. > Now I cycle the fetching central from the first E-Mail to the last > and then it begins new... > > Which mean, that I get all 30 seconds a message !!! > > This works very fine with > > fetchmail -> procmail -> spamassassin (bayesian) -> f-prot -> gpg > > The load on my FileServer is around 0.8 to 3.5 I think it would be more efficient if you did fetchmail -> MTA -[filter]> amavis[spamassassin] -> LDA[gpg] (replace amavis/spamassassin with something else, if you like, of course) You would save on invoking spamassassin from procmail for each mail as it would run as a daemon. Also, arguably, maildrop might be faster than procmail (then again, if you do A/V and spam protection in the MTA filter chain you might get away totally without procmail/maildrop) > >> That looks interesting. Thanks for pointing it out to me. > >I can certify it works well - my boss is subscribed to as many mailing lists > >as I am, and yet he receives 1 (_one_) spam/week on average. > > 'spamassassin' find all SPAM's too. Well, I would be cautious with that 'all'... regards, marek
Attachment:
signature.asc
Description: Digital signature