Mailinglist Archive: opensuse (4610 mails)

< Previous Next >
Re: [opensuse] Can spam be defeated?
  • From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 21 Dec 2006 14:08:56 +0100
  • Message-id: <458A8768.1040701@xxxxxxxxxxxxxxxxxxxxxxx>
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Thursday 2006-12-21 at 12:35 +0100, Sandy Drobic wrote:


Using blacklists for warning/marking purposes seems ok to me, but letting a
blacklist make decisions can be dangerous. Just my opinion.
Spamassassin and consorts do that kind of check. Unfortunately, these checks
are expensive (many external dns queries and cpu intensive content checks). If
you have a high-volume mailserver you will probably choke on all the spam that
gets processed by the content_filter.

However, I understand that this is precisely what SuSE server does. You know, _I_ would be rejected otherwise ;-)

The Suse server is not exactly high-volume. It may receive some ten thousand mails per day, not much more. Believe me, if the list server had to process all mails that it is SENDING for spam and viruses it would need some SERIOUS hardware. (^-^)

I am very glad that the suse server accepts mails from dynamic ips. Though the listserver has the protection of only allowing the list subscribers as sender addresses. That is probably why it is possible at all.

The postfix-users mailing list gets a lot of cries for help because the mail queue has piled up into dimensions that threaten to bury the server. Usually it is because either to many mails are waiting to be processed or because of a misconfiguration the machine is not used efficiently.
Unfortunately nothing can be done if the machine is simply buried in a spam run.

So my policy is to use pretty reasonable checks that seldom reject wanted mails, configure a whitelist for those few (usually a handful within some month) and let spamassassin analyse the rest.

Since robust and capable server hardware has become easily affordable it is possible for low-level volume sites (less than 50000 mails per day) to use pre-queue content filtering and reject the mails directly. The configuration is a bit more difficult because all filtering has to be done fast and only as many concurrent connections are possible as concurrent content_filter processes are supported by the hardware.

Sandy
--
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups