Re: You can start saving now

To: debian-isp@lists.debian.org
Subject: Re: You can start saving now
From: Matej Kovac <deblist@telnet.sk>
Date: Mon, 24 May 2004 13:57:20 +0200
Message-id: <[🔎] 20040524135720.A21199@ns.telnet.sk>
In-reply-to: <145423918.1085337539@[10.1.2.212]>; from mloftis@modwest.com on Sun, May 23, 2004 at 06:38:59PM -0600
References: <BEESRWD-0007039781206@recur> <[🔎] 001a01c43601$94540ce0$0f01a8c0@win2k> <[🔎] 101601c43630$91e1a1f0$ce00a8c0@SYSTEM9> <[🔎] 20040510135223.GY15705@zanclid.redellipse.net> <[🔎] 409F8BB2.3010306@zonnet.nl> <[🔎] 33698.69.149.92.241.1084832231.squirrel@client.dailydata.net> <[🔎] 1384.153.90.198.54.1084911121.squirrel@web1.cs.montana.edu> <[🔎] 20040524000508.GA15868@cliftonlabs.com> <145423918.1085337539@[10.1.2.212]>

On Sun, May 23, 2004 at 06:38:59PM -0600, Michael Loftis wrote:
> 128M?  My firewall has more than that.  My personal firewall... A 
> P120....or 133...I honestly don't remember.  But anyway who's bright idea 
> was that?  You can get ahold of 256M for like $100 or less, usually less.

this is the "business solution", and this is the way everything
blindly heads to. but it is not _the solution_.

perhaps, mr. Dale E. Martin is on right track to add memory
to server. the cost doesn't matter. but I'm sure there are better
options, I would even call them _the solution_...: test what takes
so long for spamassassin, and report it. they will (hopefully)
optimize specified part and everyone will benefit. or even better,
rewrite some parts, so they do not have so severe impact on cpu
or memory load and contribute the patch.

> 128M hasn't been enough for a server, especially a heavily used one, for a 
> loooong time, long before the Duron came out.

how it was possible to handle hundreds of emails by servers ten years
ago? doesn't matter spam, virus... its just an email. how did the
administrators managed to get results with I. older hardware;
II. older software?

long before duron came, there were hundreds of servers with 32
or 64M RAM and managed to process even larger amounts of email hourly.
even before, before there were smaller amounts of ram in servers.
and mail was delivered anyway. what track am I on...? the tools.
you cannot expect a perl tool to process so much data and expect
it will not load the server. application design is what is missing today.

I do not want to blame tools like SA or Perl for their performance
and turn it into some religious war. SA and Perl are a valuable tools
for everyone who uses it. but mainly for those, who use it right.
just as you cannot expect from a small boat to carry tons of load
throught the atlantic, you cannot expect from SA to handle [some]
mail volume on [some] hardware. of course, a kind of buzz-words can
be on SA hompage, like "we proccess X thousands emails hourly"
(note: not a cite!), but whenever I see such buzz-word on open/free
(as you like) source project, I want to see hardware which get this
result. check out http://eu.spamassassin.org/full/3.0.x/dist/spamd/
and the performance section:

=> ...Well, on my 400MHz K6-2 mail server, spamassassin process a 11689
=> byte message in about 3.36 seconds, spamc/spamd processes the same
=> message in about 0.86 seconds...

and

=> ...a 115855 byte message takes about 5 seconds with spamassassin,
=> and 2.5 seconds with spamc/spamd, or about 2 times faster...

how big emails you get? how often? read the paragraph and see numbers
like 350M and similar. I want to say is that all tools should be used
for appropriate purposes & load - on given hardware. then they are
useful.

 dislaimer: I'm writting for no one but myself. I'm not associated
 with any virus, spam or email filtering software. larry wall
 or someone from SA team hasn't hurt me (yet).

SA, once born, had some set of rules it used. being popular, more
rules apeared. SA was optimized, rewritten.. more popular, more
rules. you can expect there will be even more rules in future.
eachnew rule will be applied and scanned against any incoming email.
it will never take less time. unles rewritten, ...ups, we are
at the begining. this is not _the solution_.

perhaps, you can always use some other tool if none of above
is an option. for example, dspam. it is based on regular expresion
library implemented in C and announced to be 10 times more accurate
than SA. no automatic rules. bayes trained to the set of your email
you receive. the english will not have more words it has now.
or spanish. or other language [okay, I'm aware of exceptions, some
languages _do_ invent new words, letters, beside the option that
managers invent new phrases to say how beautiful future we would
have with their product]. but bayes is better to be trained for
new terms the spamers use. ..and forgot old [or weight less] if
you are lucky enough to have no more viagra-spam.

please, respond privately to me.

--
matej kovac
deblist@telnet.sk

Reply to:

Follow-Ups:
- Re: You can start saving now
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>

References:
- Re: You can start saving now
  - From: "Richard Zuidhof" <rzuidhof@zonnet.nl>
- Re: You can start saving now
  - From: "Jason Lim" <maillist@jasonlim.com>
- Re: You can start saving now
  - From: Pascal Hakim <pasc@debian.org>
- Re: You can start saving now
  - From: Richard Zuidhof <rzuidhof@zonnet.nl>
- Re: You can start saving now
  - From: "Rod Rodolico" <stargazer@rodolico.org>
- Re: You can start saving now
  - From: "Lucas Albers" <albersl@cs.montana.edu>
- Re: You can start saving now
  - From: "Dale E Martin" <dmartin@cliftonlabs.com>
- Re: You can start saving now
  - From: Michael Loftis <mloftis@modwest.com>

Prev by Date: Re: high performance, highly available web clusters
Next by Date: Re: You can start saving now
Previous by thread: RE: You can start saving now
Next by thread: Re: You can start saving now
Index(es):
- Date
- Thread