Alan J. Flavell wrote: > On Thu, 18 May 2006, Johann Spies wrote: > > >> I have so far considered spamassassin's approach to blacklist as a >> safer option. As I understand it that a single rule in Spamassassin >> is not supposed to allocate enough points to categorise the mail as >> spam. >> > > You have the choice! > > But this idea is not exclusive to spamassassin. We have some > RCPT-time ACLs which are designed to reject mail only if a certain > combination of factors occurs together. > > Considering the comparative overhead involved in accepting DATA and > feeding it to spamassassin, it seems to me that if one can, with good > confidence, reject an item at an earlier stage (e.g RCPT), then it's > good to do so. (Although I know that not everyone is of that > opinion.) > >
It depends on your circumstances. If you have a small operation and excessive processing power then you can run everything through the standard Spam Assassin setup and do a reasonably good job of filtering spam. In my situation I'm blocing over 2 million spams a day and doing it with one primary spam filter and two backup servers. Performance is important and anything I can reject before SA reduces system load. And my setup is extremely customized and complex to help ensure that false positives are avoided. Sometimes you have to scream test things. Try something and watch it and see if anyone screams. So far so good on this one. But I could modify the code to make it require that the spam be listed in two lists before it is rejected. And I might do that if I get false positives. I rejected 20,000 messages yesterday using this and so far no complaints. It's the best improvement I've made in a long time. -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
