Re: Spam on the BTS
* Blars Blarson:
> On Sat, Sep 03, 2005 at 06:59:44PM +0200, Florian Weimer wrote:
>> CBL has the advantage that you can make a local copy of the list
>> (which reduces name server load and avoids the name lookup latency),
>> but its license is somewhat non-free. Is this a problem for Debian?
> spohr is already running a nameserver, so it would have to run on an
> alternate port. I havn't looked into how hard it would be to convice
> spamassassin to use something like this.
Of course you don't query the local blacklist copy over DNS. 8-) CBL
doesn't even use prefixes, so no special data structures are required
to do this.
>> What's causing most of the load right now? I think some of the effort
>> should probably concentrate on getting legitimate mail through faster.
> spamscan is single-threaded, and the latency of DNSBL lookups is the
> main delay. We have less than 1 second to process each message on
Hmm. Does spamscan load SpamAssassin each time it's invoked?
> Once it becomes multi-threaded CPU usage could become an issue,
> especially if we upgrade to spamassassin 3.
You absolutely must avoid piping all mail through SpamAssassin because
it so CPU-intense. With Exim 4, you should be able to reject the more
obvious spam directly at the SMTP level (^MZ and ZIP attachments, mail
to archived bug reports), and pass through likely non-spam messages
(certain keywords in the body, already known sender addresses, and so