[Esd-l] Holy cow!
simon at paxonet.com
Tue Nov 5 13:03:01 PST 2002
On Tue, 5 Nov 2002, Scott Wiersdorf wrote:
> On Tue, Nov 05, 2002 at 12:26:34PM -0800, Simon Matthews wrote:
> > On Tue, 5 Nov 2002, Scott Wiersdorf wrote:
> > > On Tue, Nov 05, 2002 at 01:20:58PM -0600, Brad Wyman wrote:
> > > > actualy i did get a lot of "Holy cow man" stuff that got caught by
> > > > spamassassin befor it even got to the sanitizer. i rearly run anything
> > > > marked as spam threw sanitiser, trying to save cpu time i "quarantine" it
> > > > then later check for non spam and just dump it
> > >
> > > I run that in the reverse order: sanitizer first, then SA.
> > > Sanitizer/procmail is _far_ more efficient CPU-wise than SA/perl.
> > > Don't try shoving a 300k msg through SA, btw, unless you've got a
> > > *lightly* loaded server.
> > Scott,
> > Why would you run a 300k email through SA? I use a flag in procmail so
> > that SA only sees emails that are less than 150k. I don't think I have
> > ever seen a spam that is larger than 150k.
> That's my point exactly. Unless you explicitly add a procmail
> condition to prohibit it (or are running spamc/spamd which has a size
> limit), SA will attempt to slurp the whole message (inefficiently)
> which kills any server with large messages going through it.
> Sanitizer/procmail doesn't have any problems with large messages.
So how difficult is is to put:
* < 150000
in the section of your procmailrc where you call SA? Or in full, I have:
* < 150000
| /usr/bin/spamassassin -P -D -a
> All I was trying to convey was that sanitizer/procmail is better
> suited to handling mail messages (of all sizes) generally and should
> be put first in anyone's filter chain (that is, once it gets to the
> LDA). Once sanitizer has weeded out all the stuff that would otherwise
> kill spamassassin, then you can run SA and feel ok about it.
I agree with your about the order. But this is no reason to run SA on
More information about the esd-l