On 07/11/2012 08:52 PM, Ken Moffat wrote: > I'd forgotten what a PITA it was to get the sa rules loaded - until > I tried to build a new system for my server. The previous time was > last autumn, using LFS-6.8, and I vaguely remember that getting the > rules from yerp.org was troublesome. Now, I'm back at that stage > and yerp.org has again fallen off the net. > > In the past 9 or 10 months since I built my LFS-6.8 system I've > noticed that happen intermittently (I try to update the rules > frequently). > > BUT - is it worth me persevering with trying to get these rules ? > I notice that Mail::SpamAssassin doesn't seem to have been updated > in that period, although the yerp.org rules certainly have been. I > also note (on LFS-6.8) that very little now gets trapped as > 'caughtspam' and the few pieces of spam and phishing that appear, > and get used for spam training, don't seem to impact on what gets > caught. i.e. I still see several pieces of spam / phishing each > week. > > Is SpamAssassin still useful ? Is there a better solution ? > Thanks. > > ĸen >
Depends on how complicated you want it to be I guess, but no one solution is foolproof. Here are last week's stats (for only 4 mail users now): ======================================================================= postal.lucasit.com delayed (or stopped) 429 connection attempt(s) via greylisting, 298 attempt(s) by RBL (zen.spamhaus.org), and 2087 attempt(s) by RBL (b.barracudacentral.org). An additional 903 message(s) were rejected due misconfigured or locally blaclisted mail servers. SpamAssassin identified a total of 99 spam message(s). A total of 603 message(s) were delivered, post-gauntlet, having potentially stoped a total of 3114 spam message(s) from ever being processed by SpamAssassin. ======================================================================= As you see, SA is still doing some work, but it is overshadowed by the RBLs. It is far more efficient to block at the door and send a 5xx error immediately, but some people either cannot (as in law) or don't like to block anything. If that is the case, something more complex may be called for. A really cool frontend server that I haven't even done for myself yet is Maia Mailguard. It's probably overkill for a home mailserver, but from what I gather, this one can go head to head with a lower end IronMail or a Barracuda 510 device. I did do this one up in VirtualBox for friend of mine who needed something quick when the subscription to his Symantec appliance ran out. He took it and ran with it. Had some difficulty in getting networking going in ESX, but he worked around it quickly enough. I never even got to see it work beyond my little testing environment (Exchange was quite painful in a virtual environment with only 8GB of RAM to work with). Here is the readme I sent him with it: http://www.lucasit.com/maiamailguard/MaiaVM-Readme.txt References are at the bottom of the file if soemthing like that interests you. VMDK and VDI files are still there too, but I wouldn't recommend them as they are a year old now. Barracuda also offers a 30 day freebie of their hosted filtering if an emergency. -- DJ Lucas -- http://linuxfromscratch.org/mailman/listinfo/lfs-chat FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
