Archived posting to the Leica Users Group, 2008/10/16
[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]Brian, Yes, Spamhaus - it flags around 50% of incoming messages. The rsync is every 30 minutes and its database is around 125mb and is quite volatile, 1mb of updates in some intervals. There is a ten day free trial and non-commercial use may be altogether free. We have many mailboxes spread across several machines which also have plenty of other work to do. Some of the users have 15 year old addresses which are likely to now be on every spammer's CD ROM. We also had spamc chewing up resources and it does bring things close to a halt. Ultimately it took a combination of postfix and Spamhaus to cure the problem where it hit the hardest although on another machine Spamhaus with sendmail was enough. One could start there, it's a lot easier than tackling postfix and amavis. A very thorough person took two to three months understanding those and the related bits. John Brian Reid wrote: > John, thanks for your note. > A couple of years ago I separated spamd onto its own machine. That > works, except that during a spam avalanche the mail machine runs out of > VM or PIDs or something on spamc. Switching from sendmail to postfix is > my key goal; I know I can do that /in situ/ on the mail machine without > upgrading anything else, but the current hardware is 10 years old and > the OS is 5 years old and it just seems to be time. > > I've tried 2 commercial spam-control services, and neither one was > satisfactory. I haven't tried Spamhouse; I tried Trend's MAPS RBL, which > was useless, and I tried Spamikaze, which worked moderately well but > went out of business. > > I'll go look up Spamhouse and see what it can offer. Thanks for the > advice. (I assume you mean Spamhaus, BTW). > > >> Brian, >> >> And soon an even bigger machine will be necessary. Some steps you >> might consider if you haven't already. Forgive me for making >> suggestions, but I have been through this too and here is a three-step >> plan. >> >> 1. Use a Spamhouse datafeed with rsync and mercilessly drop anything >> incoming which is on their list. The data feed is not free, but life >> is to short to not use it. Using Spamhouse with a full-blown named is >> too slow, rbldnsd is lightweight. >> >> 2. Postfix is a quite efficient MTA, maybe the best. >> >> 3. Spamassasin works quite well, but is quite cpu intensive. It can, >> maybe should, be run on a separate system requiring amavis to do >> this. The spamassassin machine is the one whose cpu needs to grow. >> >> Dealing with spam is time-consuming enough so one occasionally thinks >> of the Homeric solution: "The son of Phyleus got close up to him and >> drove a spear into the nape of his neck: it went under his tongue all >> among his teeth, so he bit the cold bronze, and fell dead in the dust." >> >> John > > > _______________________________________________ > Leica Users Group. > See http://leica-users.org/mailman/listinfo/lug for more information