> The problem with SpamAssassin as I understand it (and in my experience) > is that it does a lot of stuff with each mail and gets bogged down very > quickly. Dspam's main touted feature is its low overhead and ability to > handle high volumes efficiently (I have no idea how well it lives up to > that, which is one reason I want to try it). Tests I've done with SA > indicate that it can easily take 10+seconds to process one email.
I've been using dspam in production for about 3-4 years now, maybe a bit longer, and I can say I'd never go back. In that time, there was a stretch of about 2-3 years where not a single spam made it through to any users' mailboxes. Now the spams are getting a bit trickier to catch, so we see maybe 1-2 spams slip through _per month_ across all users, but its also stopping about 3000-4000 incoming spams per-day. I also added graymilter in front of that, and it dropped the incoming spam by about 90%. The combination of the two has made a HUGE difference. The speed of dspam is imperceptable. The main benefits (for my needs), is that it allows the user to manage, train/retrain and condition their own personal spam thresholds. If one user WANTS all of that HTML, web-bug-laden email, they can have it. If another one wants none of that garbage, they can have that too. The web-based queue lets them tweak it however they choose. If a spam slips through, they just forward it to '[EMAIL PROTECTED]' for example, and dspam will retrain it so they no longer receive emails of that type any longer. If they made a mistake, they can go to the web-based quarantine or queue and resend it back to their inbox (this also applies for false-positives). dspam will retrain it with a lower score and let it through. It also has automagic whitelists, greylists and other features. Back when I ran SA, we were using 15 RBLs, about 40 custom rulesets in Sendmail, and SA was trained down to a 2.0 threshold. After 1-2 years of using it, it was still only scoring 85%-90% accuracy, and we were getting 20-30 incoming spams slip through every day. After replacing SA with dspam and training it with the spam/ham corpus, we were at 98%+ within a week. It's steadily gotten better since. I think we're at 99.835% accuracy now (based on running dspam_stats a few moments ago). We're also using no RBLs, no custom rulesets, and I no longer have to shroud my email address with standards-compliant "tricks" to stop spammers from harvesting it. I can put my email address anywhere and everywhere, and not worry about spam... because I simply don't get any. I *HIGHLY* recommend it, if you're on the fence. jonz (the main author of dspam) in #dspam on IRC is a great guy, and has been very helpful with all of my questions over the years of running it. David A. Desrosiers Linux on Power Developer Program Manager [EMAIL PROTECTED] _______________________________________________ Peterboro mailing list [email protected] https://mailman.lug.org.uk/mailman/listinfo/peterboro
