The days of squeezing every last CPU cycle out of something are
long, gone Reindl.
I really appreciate that your bound and determined to keep that
80486 server running but nobody else is doing it anymore.
Why do you think SA is written in Perl? Of all languages!!!
Sure, let's pick the -slowest- scripting language available for
a high-volume filtering system!
What is an "expensive content filter"?
It's a content filter that is run on an underpowered server that should
have been retired 5 years ago.
Dude, check out hardware prices for God's sake! They are selling
dual CPU, with each CPU quad core 1U servers for $150 on the used
market nowadays.
You can waste a whole lot of time chasing down those last bits of CPU
cycle. If your the size of Google then maybe it is still worth doing.
But if your not, then maintainability and flexibility are far more
important.
When you block something outside of SA than you lose flexibility and
increase maintenance needs. You push the ability to control acceptance
of a particular email further away from your users.
Oh sure, you can wow your friends with graphs of CPU utilization and
boast about how you managed to create a Byzantine system that would be
more appropriate with a million accounts where saving a few cycles over
all of them would actually add up to something.
But, why on Earth would you build a system with all the disadvantages
and inflexibility of a giant email provider that has to worrry about
"expensive content filtering" when your NOT a giant email provider?
Far smarter to build a system that can take full advantage of being
small when you ARE small!!!
Ted
On 6/29/2015 9:35 AM, Reindl Harald wrote:
Am 29.06.2015 um 18:29 schrieb Ted Mittelstaedt:
Of course, Postfix fixes everything from AIDS to global warming, it's
the greatest MTA ever invented. <eyeroll>
for other MTA'S score-bayes RBL handling on MTA level exists too in form
of policy daemons <eyeroll>
Exactly the kind of thing I would expect from you. Haven't you worn
out that Postfix drum your banging yet?
no but "That's why we all do our RBL checks in spamassassin" is plain
wrong, *you are doing* not "we all" - most people except you try to get
most spam blocked in a sensible way before it hits expensive content
filters, so just stop talk about "we all" if you have no clue
the RBL checks in SA are fine and good, but only for addititional
scoring comined with other rules to get messages rejected via milter
which are not on enough RBLs to block them straight ahead
On 6/27/2015 3:04 AM, Reindl Harald wrote:
Am 27.06.2015 um 10:18 schrieb Martin S:
On Friday 26 June 2015 17.40.04 Ted Mittelstaedt wrote:
But, putting RBL checks into the MTA is the best way I know to piss
off
your users since tag-and-forward is not an option on MTA rbl checking.
That's why we all do our RBL checks in spamassassin.
Could you elaborate on this? I'm "new" to running a mail server (it's
in test
phase atm) as my only experience is with sendmail many years ago. I
take it SA
does RBL look-ups by default and there is no need to att RBL
look-ups in
postfix main.cf file?
he should speek for himself and not for "us all"
a sane MTA setup is using something like Postscreen with scoring and
*you don't want* to scan and tag 90% of all mails which are on 5 or even
10 RBLs, frankly you won't waste a smtpd process at all when postscreen
can kill them
below the current month and scanning additional 200000 messages would
waste ressources all day long
Reject Postscreen: 205389
Reject Postfix: 18275
Reject Milter: 7052
Reject Temporary: 1888
Blacklist: 200032
Pregreet: 40171
Hangup: 74936
Protocol Error: 3479
