You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by David B Funk <db...@engineering.uiowa.edu> on 2010/01/14 21:33:20 UTC
SA at SMTP time (was Re: newbie: configure SA to reject spam)
On Thu, 14 Jan 2010, LuKreme wrote:
> On 14-Jan-2010, at 06:22, Robert Schetterer wrote:
> > http://savannah.nongnu.org/projects/spamass-milt/
>
> How efficient is spamass-milter? I've always been hesitant to try running SA during the transaction because I was afraid it would take too long.
>
I cannot speak for spamass-milter as I use a different milter
(milterassassin) but the general concept of filtering at SMTP time is
viable (depending upon your load) with a few considerations.
1) structure your filter stack so that SA runs after all lightweight
filters (DNSBL, helo checks, valid recipient checks, gray-listing, etc).
2) Make sure that your milter uses SA intelligently, not opening premature
connections to spamd (if your milter uses spamd rather than running SA
directly in the milter; EG amavisd). The milter I use talks the SA
net protocol directly (as opposed to forking spamc) and originally opened
the connection to spamd when it got the receipt-from info. This would
waste connections as unnecessary as recipient checks often would kill the
SMTP transaction. I re-coded it to collect headers and not open the
spamd connection until it reached the data-phase.
3) Adjust your MTA to limit the number of simultaneous incoming
connections to the max number of spamd processes that your SA box(s) can
reasonably handle.
With these considerations we comfortable handle 100K messages/day with
just one moderately sized SA box.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{