Re: SpamAssassian with FreeBSD and Big Mail Server

From: Oliver Brandmueller (ob_at_e-Gitt.NET)
Date: 02/25/05

  • Next message: Randy Adamczyk: "Re: Why the mail error for domains I don't host?" 
    Date: Fri, 25 Feb 2005 17:58:40 +0100
To: freebsd-isp@freebsd.org

    Hi.

    On Wed, Feb 23, 2005 at 12:15:22PM +0100, Randy Adamczyk wrote:
    > do you receive a _lot_ of spam? if you are running into recource
    > problems because of spam, you should look into greylisting:
    >
    > http://www.greylisting.org/
    > http://projects.puremagic.com/greylisting/whitepaper.html
    >
    > greylisting for exim + spamassassin:
    > http://greylisting.org/implementations/sa-exim.shtml
    >
    > i use greylisting with postfix, spamassassin and virus-scanners with
    > amavis-new. spamassassin hardly has any work to do since i implemented
    > greylisting.

    And when doing things greylisting, please try to see both sides.

    Since people tend to see only their side, I will now describe the
    medium-sized-ISP side of things.

    Well, everyday life. Spam of course also hit's our servers and due to
    legal things we cannot just filter every incoming mail. Queues are
    around 5000 mails. That's OK with our hardware.

    Then, one day, someone invented greylisting. Great idea. Since
    especially universities and other organizations like this have adopted
    it, his means that quite a lot of mails go to servers with greylisting.
    Queues have grown since then. 10000 per server average is what we see
    now. The problem here is, that in theory the server tries again after 5
    minutes and gets the mail delivered. The real side of the problem is:
    The bigger the queues are, the more time it takes until you come up with
    the same mail again. So mail takes not 30 seconds to arrive,not 5
    minutes like greylisting theory, but maybe half an hour. That's already
    a value some customers complain about. Now people without the slightest
    idea what they are doing start to implement greylisting. They get the
    connection from 123.123.123.1 the first time and send their temporary
    error. Fine. The queue runner on 123.123.123.7 picks up the mail next
    time. Temporary error, because the .1 is currently allowed to send the
    mail. OK, second temporary error. Mail stored in lower prio, next
    delivery attempt in one hour. And so on.

    Greylisting makes a lot of trouble at big sites. And mens longer and
    sometimes very delivery times for mail.

    Great idea, yeah, spread that to the world, maybe the day will come,
    when snailmail is faster...

    - Oliver 

    -- 
| Oliver Brandmueller | Offenbacher Str. 1  | Germany       D-14197 Berlin |
| Fon +49-172-3130856 | Fax +49-172-3145027 | WWW:   http://the.addict.de/ |
|               Ich bin das Internet. Sowahr ich Gott helfe.               |
| Eine gewerbliche Nutzung aller enthaltenen Adressen ist nicht gestattet! |

  • Next message: Randy Adamczyk: "Re: Why the mail error for domains I don't host?"

    Relevant Pages