Re: tmda (was Re: Attach filter)

To: debian-user@lists.debian.org
Subject: Re: tmda (was Re: Attach filter)
From: Steve Lamb <grey@dmiyu.org>
Date: Mon, 12 Jul 2004 12:31:00 -0700
Message-id: <[🔎] 40F2E6F4.2020408@dmiyu.org>
In-reply-to: <[🔎] 20040712184914.GA19582@nebula.homeunix.net>
References: <1088182152.40dc578861fae@webmail.icb.usp.br> <slrncdond4.lj5.spam@home.bounceswoosh.org> <87pt7npknn.fsf@ursine.ca> <slrncdos7p.lj5.spam@home.bounceswoosh.org> <[🔎] 20040708114624.GB1971@ix.netcom.com> <[🔎] 20040710200047.GA26517@nebula.homeunix.net> <[🔎] 20040712005154.GA27730@ix.netcom.com> <[🔎] 20040712184914.GA19582@nebula.homeunix.net>

David Fokkema wrote:
>>  - The math for C-R simply doesn't scale.

> ?

    I'm not sure what Karsten had in mind here but let me give my first hand
view on this piece.  My current employment gives me access to TMDA in
production use.  In one instance a client of ours gets over 9,000 messages *a
day*.  Virtually all of it is spam.  They have configured TMDA to C-R.  So
follow the math.

9,000 messages a day for 14 days (default pending queue) is 126,000 messages
in the pending queue at any given time.  I believe this is a modified maildir
format.  Not pretty.

9,000 challenges sent out a day.  Most of which are to invalid addresses.
Those that aren't are sent to an innocent 3rd party.

Close to 9,000 bounces generated a day thanks to the above challenges being
sent out.

    So for an initial investment of 9,000 messages we've generated close to
18,000 more, all of which are worthless but need to be processed.  Those are
tons of connections going out, loads of logs being written.  CPU time wasted,
hard-drive space taken up.  And that's just one client with a modest number of
addresses (5-6?).

    C-R does not scale because in its best implementation, barring any other
filtering, is an n*2 (spam + challenge) and often is a n*3 solution (spam +
challenge + bounce).  As the spam problem gets worse C-R compounds it.

    Mind you that the offical TMDA party line might be to use it as part of a
grander scheme but some people have come here to this list to tell those of us
with a little clue that C-R (in particular their broken implementation, not
TMDA) was far superior than spam filtering and that spam filtering simple was
not needed and a waste.

    C-R works best when integrated into a larger spam-filtering solution.  IE,
any marginal message within a narrowly defined statistical range would get a
challenge.  Anything below that narrow range is passed through.  Anything
above is rejected.  But as Karsten has pointed out at that point what's the
point since filtering is doing virtually all the work anyway?

    Filtering does not compound the problem.  Filter those 9k messages and
reject most at SMTP time you've only had to process.... 9,000 messages.  Not
18,000.  Not 24,000.  9,000.

-- 
         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: tmda (was Re: Attach filter)
  - From: "Monique Y. Mudama" <spam@bounceswoosh.org>
- Re: tmda (was Re: Attach filter)
  - From: David Fokkema <dfokkema@ileos.nl>

References:
- tmda (was Re: Attach filter)
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: tmda (was Re: Attach filter)
  - From: David Fokkema <dfokkema@ileos.nl>
- Re: tmda (was Re: Attach filter)
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: tmda (was Re: Attach filter)
  - From: David Fokkema <dfokkema@ileos.nl>

Prev by Date: Re: How Might I Help?
Next by Date: Any way to search executable name?
Previous by thread: Re: tmda (was Re: Attach filter)
Next by thread: Re: tmda (was Re: Attach filter)
Index(es):
- Date
- Thread