On Tuesday 08 April 2003 20:25, Markus Welsch wrote:
[spamassassin]
> since it's written in perl it will be a huge performance decrease, right?
The biggest problem with spamassassin is the startup delay until the
interpreter is loaded and the perl program is compiled. Running with
spamd/spamc should make the load manageable in most cases, given enough RAM.
Depending on your setup, you may want to use spamassassin in the delivery
agent instead of content_filter and allow your users to tune spamassassin
(ask on their mailing list, IIRC there were some webfrontends under
development).
Filtering for only some domains: you probably can do it by defining a
content_filter enabled transport in master.cf and a transport without, and
using a transport table to direct mail to the relevant transport agent
depending on the domain.
I recommend putting some DNSRBLs in front of the system; for me the blacklists
catch >80% of the spam and only the remainder is piped through spamassassin,
this lessens the load massively (I think I can say that although load is not
a problem in my system - too small).
DNS lists I use right now:
sbl.spamhaus.org,
list.dsbl.org,
relays.ordb.org,
spam.dnsrbl.net,
proxies.blackholes.wirehub.net,
korea.blackholes.us,
china.blackholes.us,
ipwhois.rfc-ignorant.org
No false positives that I know of, so far. I think about adding spews
(spews.relays.osirusoft.com, IIRC), but you probably don't want this as they
are quite aggressive. I also don't recommend using the spamcop list to block
(I use it from spamassassin to tag mail), as they are too trigger happy (OTOH
erroneous blocks disappear quickly, too).
Depending on your policy, you may want to add some of the dialup blocklists.
As I send mail from my dialup link regularly myself, I don't use these. OTOH
I can understand people who do this.
If you have some very important people you never want to lose connectivity,
make sure to whitelist them, so you'll not get trouble if they land on one of
the blacklists.
cheers
-- vbi
--
featured link: http://fortytwo.ch/time
Attachment:
pgpt0DkbZ0bN_.pgp
Description: signature