users@spamassassin.apache.org

[Jim Barry <ji...@jbarry.net>]

I've been running with a new configuration for the past week and I wanted
to garner any comments you may have.

For the past week, I have been running Exim w/ Exiscan.  I used to deny at
the SMTP level failures on dnslist blacklists and other fatal issues.  Now
I permit all connections to proceed (except for "unknown users" after
RCPT) through 'DATA'.  I now have exiscan w/SA and ClamAV checking
virtually every attempted email even though I may know I am going to deny
it for reasons during the RCPT or HELO exchange.  "Discard" level spam
scoring emails (or failures at the other steps) cause a reject after the
end of DATA.

I also run MailScanner w/SA after a message is received successfully by
the MTA.  MailScanner runs it's checks. including a secondary Virus
scanner, and handles reporting "low" scoring spam to the end users.

So the question is this:  Does it make sense to permit SA to examine as
much mail as possible even when I already know I can reject most of it
prior (dnslists, sender verify, etc)?  Is there enough benefit to the AWL
and Bayes to offset the additional processing?  Does the cost of running
SA twice on 5-10% of incoming email in this configuration make sense for
the benefits (if any?)?