[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse
Subject:    Re: [opensuse] Can spam be defeated?
From:       Sandy Drobic <suse-linux-e () japantest ! homelinux ! com>
Date:       2006-12-21 13:08:56
Message-ID: 458A8768.1040701 () japantest ! homelinux ! com
[Download RAW message or body]

Carlos E. R. wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> The Thursday 2006-12-21 at 12:35 +0100, Sandy Drobic wrote:
> 
> 
>>> Using blacklists for warning/marking purposes seems ok to me, but letting a
>>> blacklist make decisions can be dangerous. Just my opinion.
>> Spamassassin and consorts do that kind of check. Unfortunately, these checks
>> are expensive (many external dns queries and cpu intensive content checks). If
>> you have a high-volume mailserver you will probably choke on all the spam that
>> gets processed by the content_filter.
> 
> However, I understand that this is precisely what SuSE server does. You 
> know, _I_ would be rejected otherwise ;-)

The Suse server is not exactly high-volume. It may receive some ten 
thousand mails per day, not much more. Believe me, if the list server had 
to process all mails that it is SENDING for spam and viruses it would need 
some SERIOUS hardware. (^-^)

I am very glad that the suse server accepts mails from dynamic ips. Though 
the listserver has the protection of only allowing the list subscribers as 
sender addresses. That is probably why it is possible at all.

The postfix-users mailing list gets a lot of cries for help because the 
mail queue has piled up into dimensions that threaten to bury the server. 
Usually it is because either to many mails are waiting to be processed or 
because of a misconfiguration the machine is not used efficiently.
Unfortunately nothing can be done if the machine is simply buried in a 
spam run.

So my policy is to use pretty reasonable checks that seldom reject wanted 
mails, configure a whitelist for those few (usually a handful within some 
month) and let spamassassin analyse the rest.

Since robust and capable server hardware has become easily affordable it 
is possible for low-level volume sites (less than 50000 mails per day) to 
use pre-queue content filtering and reject the mails directly. The 
configuration is a bit more difficult because all filtering has to be done 
fast and only as many concurrent connections are possible as concurrent 
content_filter processes are supported by the hardware.

Sandy
-- 
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]