On Mon, 20 Aug 2007, Duane Hill wrote:
On Mon, 20 Aug 2007 at 16:24 -0600, [EMAIL PROTECTED] confabulated:
On Fri, 17 Aug 2007, Eric A. Hall wrote:
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it
On Mon, 20 Aug 2007, David B Funk wrote:
On Mon, 20 Aug 2007, Duane Hill wrote:
On Mon, 20 Aug 2007 at 16:24 -0600, [EMAIL PROTECTED] confabulated:
[snip..]
I have to second that... In the early days when spammers were just
getting started, we started using some RBL's at the MTA level.
On Tue, 21 Aug 2007 at 09:33 -0500, [EMAIL PROTECTED] confabulated:
You're doing a LOT better than I am with it. Makes me wonder if I have
something set up wrong. My main SA server has a fast dual core Athlon
and 8 gigs of ram and it can get bogged down rather quickly. I wonder if
I'm doing
On Aug 21, 2007, at 8:28 AM, Duane Hill wrote:
I have seen the suggestion recently in this thread to run SA from a
ram drive. I am going to experiment with that over the course of
this next weekend. I'm not quiet sure how much increase in speed I
will get. All of our userprefs, AWL and
On Aug 21, 2007, at 11:17 AM, Duane Hill wrote:
On Tue, 21 Aug 2007 at 11:03 -0700, [EMAIL PROTECTED]
confabulated:
It seems to mostly help when it drops the message into a file for
clamav to scan.
Is that using the ClamAV plugin or outside of SA completely? I am
currently using the
On Tue, 21 Aug 2007 at 11:31 -0700, [EMAIL PROTECTED] confabulated:
On Aug 21, 2007, at 11:17 AM, Duane Hill wrote:
On Tue, 21 Aug 2007 at 11:03 -0700, [EMAIL PROTECTED] confabulated:
It seems to mostly help when it drops the message into a file for clamav
to scan.
Is that using the ClamAV
Jo Rhett wrote:
On Aug 21, 2007, at 11:17 AM, Duane Hill wrote:
On Tue, 21 Aug 2007 at 11:03 -0700, [EMAIL PROTECTED]
confabulated:
It seems to mostly help when it drops the message into a file for
clamav to scan.
Is that using the ClamAV plugin or outside of SA completely? I am
currently
Marc Perkel wrote:
Jo Rhett wrote:
On Aug 21, 2007, at 11:17 AM, Duane Hill wrote:
On Tue, 21 Aug 2007 at 11:03 -0700, [EMAIL PROTECTED]
confabulated:
It seems to mostly help when it drops the message into a file for
clamav to scan.
Is that using the ClamAV plugin or outside of SA
On Aug 21, 2007, at 11:48 AM, Duane Hill wrote:
Ok. I just examined the clamav.pm plugin and it does appear to pass
the message text directly to the ClamAV daemon through the use of
the File::Scan::ClamAV perl module. Therefore, it doesn't sound
like a temp file is created.
Read the code
On Aug 21, 2007, at 1:42 PM, Marc Perkel wrote:
I've been using Clam but I've heard of Amavisd - do I want it? What
all does it do?
amavisd-new provides a nice front-end for virus and spamassassin
scanning. It's like using spamd, but a lot more featurefull. In my
case it was the easiest
On Tue, 21 Aug 2007 at 17:43 -0700, [EMAIL PROTECTED] confabulated:
On Aug 21, 2007, at 11:48 AM, Duane Hill wrote:
Ok. I just examined the clamav.pm plugin and it does appear to pass the
message text directly to the ClamAV daemon through the use of the
File::Scan::ClamAV perl module.
On Fri, 17 Aug 2007, Eric A. Hall wrote:
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised
that so few people are preprocessing their email to reduce the SA
On Mon, 20 Aug 2007 at 16:24 -0600, [EMAIL PROTECTED] confabulated:
On Fri, 17 Aug 2007, Eric A. Hall wrote:
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat
On Mon, 20 Aug 2007, Duane Hill wrote:
On Mon, 20 Aug 2007 at 16:24 -0600, [EMAIL PROTECTED] confabulated:
[snip..]
I have to second that... In the early days when spammers were just
getting started, we started using some RBL's at the MTA level. ORBS
was one I believe. Then they went
On Aug 19, 2007, at 7:22 AM, Marc Perkel wrote:
You're doing a LOT better than I am with it. Makes me wonder if I
have something set up wrong. My main SA server has a fast dual core
Athlon and 8 gigs of ram and it can get bogged down rather quickly.
I wonder if I'm doing something wrong
On Thursday 16 August 2007 1:36 pm, Marc Perkel wrote:
Yes - that is a problem. In my case I do whitlisting og IP addresses and
that pipes most ham around SA as well. But I'm running them thriugh
sa-learn so that I have good email in bayes.
Sorry, I deleted the original post already, but I
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised
that so few people are preprocessing their email to reduce the SA load.
As we all know SA is very processor and memory expensive.
Jo Rhett wrote:
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the
only person who is doing it right. I have to say that I'm somewhat
surprised that so few people are preprocessing their email to reduce
the SA load. As we all know SA is very processor and
On 8/19/07 8:22 AM, Marc Perkel [EMAIL PROTECTED] wrote:
Jo Rhett wrote:
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the
only person who is doing it right. I have to say that I'm somewhat
surprised that so few people are preprocessing their email
Eric A. Hall wrote:
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised
that so few people are preprocessing their email to reduce the SA load.
As we all
I have a few blacklists that I trust but one thing I do is that I have
a big white list of good hosts that let me route more than half og my
good email around SA which reduces load and increases accuracy.br
Hi Mark,
would a good host be one that uses egress spam filtering?
Even companies with
Marc Perkel wrote:
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this
is the only person who is doing it right. I have to say that
I'm somewhat surprised that so few people are preprocessing
their email to reduce the SA load. As we all know SA is very
processor
also sprach Marc Perkel [EMAIL PROTECTED] [2007.08.16.0511 +0200]:
As opposed to preprocessing before using SA to reduce the load. (ie. using
blacklist and whitelist before SA)
I have a bunch of postfix sanity checks, including RBLs running
first. Then, everything is fed to spamc, which
On 16.08.07 09:39, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right.
Are you sure it's right? I do use similar configuration (and I plan use some
more filters, like greylisting on MX backups) but I wouldn't say so
generally
:14 AM
To: Marc Perkel
Subject: RE: Question - How many of you run ALL your email through SA?
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
We use blacklists (spamhaus, dsbl), do not scan mail submitted by our users
with SA
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised
that so few people are preprocessing their email to reduce the SA load.
As we all know SA is very
Eric A. Hall wrote:
On 8/16/2007 12:39 PM, Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised
that so few people are preprocessing their email to reduce the SA load.
As we all
Matus UHLAR - fantomas wrote:
On 16.08.07 15:44, Mike Jackson wrote:
RBL: dynablock.njabl.org
this one is obsole and you should not use it. It was imported to the
SpamHaus PBL and is not maintained by NJABL anymore
Thanks for that. Good to know.
Rob Sterenborg wrote:
Marc Perkel wrote:
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this
is the only person who is doing it right. I have to say that
I'm somewhat surprised that so few people are preprocessing
their email to reduce the SA load. As we
I had great results from grey-listing but my users didn't like
having to wait 30-60-90 minutes for mail, and I understand that. When
you're on the phone with someone and they say Just sent it, they
expect you to have it in a matter of seconds. As I'm often in that
positition, I had to
John Rudd schrieb:
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I do not.
(greet-pause of 5 seconds; zen and dsbl as blacklists; local access type
blocks; dangerous attachment filename blocker; and then
On 8/16/07, Matthias Haegele [EMAIL PROTECTED] wrote:
John Rudd schrieb:
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I do not.
(greet-pause of 5 seconds; zen and dsbl as blacklists; local
Am Donnerstag, 16. August 2007 schrieb Marc Perkel:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I use:
At rcpt time:
callout to recipient
zen.spamhaus.org- Catches 90%
bl.spamcop.net
list.dsbl.org
callout to sender
At
On 16/08/07 08:45, Aaron Wolfe wrote:
I agree and have yet another similar setup here. We reject about 80%
as well, which helps reduce the load on the servers and on the users
who manage their quarantines. We allow users to choose whether to use
no filtering, the pre SA, reject filtering
On 8/16/07, Dave Mifsud [EMAIL PROTECTED] wrote:
On 16/08/07 08:45, Aaron Wolfe wrote:
I agree and have yet another similar setup here. We reject about 80%
as well, which helps reduce the load on the servers and on the users
who manage their quarantines. We allow users to choose whether to
Perkel [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 15, 2007 10:11 PM
To: users@spamassassin.apache.org
Subject: Question - How many of you run ALL your email through SA?
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
We don't.
We use a locally modified MaRBL that uses weighted scoring, RHSBLs
against helo/sender domain/reverse, and the BOTNET plugin (each
meta-rule gets its
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised
that so few people are preprocessing their email to reduce the SA load.
As we all know SA is very processor and memory expensive.
Personally, I'm
From: Marc Perkel [mailto:[EMAIL PROTECTED]
OK - it's interesting that of all of you who responded this is the only
person who is doing it right.
I find this comment interesting because I don't agree with using spamhaus,
spamcop, or other similar services to determine whether mail should be
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right.
I find it interesting that what seemed like a friendly question turned
out to be a quiz.
--
Chris Purves
All science is either physics or stamp collecting. - Ernest
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
One thing I noticed when experimenting with pre-filters: bayes no longer knows
about
certain kinds of spam. If, for some reason, the prefilter does not catch
It's interesting to me that your chosen example of doing it right is
in fact doing 2 very wrong things (bl.spamcop.net as a blacklist, and
sender callback).
Further, I and several other people mentioned the same basic setups as
this one (minus the 2 mistakes I just mentioned), and I am in
It's interesting to me that your chosen example of doing it right is
in fact doing 2 very wrong things (bl.spamcop.net as a blacklist, and
sender callback).
What's the problem with bl.spamcop.net?
On 8/16/07, Marc Perkel [EMAIL PROTECTED] wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised that
so few people are preprocessing their email to reduce the SA load. As we all
know SA is very
[EMAIL PROTECTED] wrote:
It's interesting to me that your chosen example of doing it right is
in fact doing 2 very wrong things (bl.spamcop.net as a blacklist, and
sender callback).
What's the problem with bl.spamcop.net?
a) poor quality control on the part of spamcop leads to lots of false
wrote on 16 Aug 2007 17:26:42 -:
One thing I noticed when experimenting with pre-filters: bayes no longer
knows about
certain kinds of spam. If, for some reason, the prefilter does not catch
(i.e. you are
one of the first to get a new spam run) then SA might pass it with neutral
[EMAIL PROTECTED] wrote:
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
One thing I noticed when experimenting with pre-filters: bayes no longer knows
about
certain kinds of spam. If, for some
[EMAIL PROTECTED] wrote:
It's interesting to me that your chosen example of doing it right is
in fact doing 2 very wrong things (bl.spamcop.net as a blacklist, and
sender callback).
What's the problem with bl.spamcop.net?
I use spamcop.net but in my opinion it's not quite good
Aaron Wolfe wrote:
On 8/16/07, Marc Perkel [EMAIL PROTECTED] wrote:
OK - it's interesting that of all of you who responded this is the only
person who is doing it right. I have to say that I'm somewhat surprised that
so few people are preprocessing their email to reduce the SA load. As we
Marc Perkel wrote:
OK - it's interesting that of all of you who responded this is the
only person who is doing it right. I have to say that I'm somewhat
surprised that so few people are preprocessing their email to reduce
the SA load. As we all know SA is very processor and memory expensive.
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
SMTP - Sendmail, which uses these to reject:
GreetPause
RBL: zen.spamhaus.org
RBL: dynablock.njabl.org
RBL: dsn.rfc-ignorant.org
RBL: bogusmx.rfc-ignorant.org
RBL:
Kai Schaetzl wrote:
wrote on 16 Aug 2007 17:26:42 -:
One thing I noticed when experimenting with pre-filters: bayes no longer knows
about
certain kinds of spam. If, for some reason, the prefilter does not catch (i.e.
you are
one of the first to get a new spam run) then SA might pass
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I do not.
(greet-pause of 5 seconds; zen and dsbl as blacklists; local access type
blocks; dangerous attachment filename blocker; and then clamav with
John Rudd wrote:
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I do not.
(greet-pause of 5 seconds; zen and dsbl as blacklists; local access
type blocks; dangerous attachment filename blocker; and then
Marc Perkel wrote:
John Rudd wrote:
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I do not.
(greet-pause of 5 seconds; zen and dsbl as blacklists; local access
type blocks; dangerous attachment
On 8/15/2007 11:11 PM, Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
All email sent to port 25 goes through SA for processing. Postfix has a
couple of regular expressions and some behavioral stuff (invalid
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
I run everything through SA. I really need to upgrade from 3.1.8 to
3.2.3. :)
Peace...
Tom
Marc Perkel wrote:
As opposed to preprocessing before using SA to reduce the load. (ie.
using blacklist and whitelist before SA)
We don't. I could sum it up but it basically looks like John's setup,
except we also use SPF and greylisting in the SMTP session and that
ClamAV isn't the only
59 matches
Mail list logo
