On Wed, Dec 25, 2002 at 11:27:06PM +0100, Tony L. Svanstrom wrote: > It depends on what you want to do; if you want to have hundreds of rules with > different scores, then SA is way superior, but if you've got a simple "hit this > one and die die die"-thing then why waste your servers time having it start > something perl-based?
Yeah, it's all about cost or "intrusion" into your system, IMHO. I had a nice rant about this kind of stuff with a guy running an open relay, who's 100% positive that the "RBL" admins are actually spammers and there's nothing wrong with an open relay. That's a different discussion though. Basically, I look at it like this on my system: - SMTP (access db, RBLs, simple header checks, etc) - Procmail - SA - MUA Filter - My delete key As you go down, the "cost" (use of resources, time wasted, user exposure, etc) goes up. I have an access database (sendmail) of over 15400 entries. Almost 1600 are IPs, 9300 are class C nets, and 15 class B nets. The rest are domains, users, or full addresses. That alone blocks ~1200 spams a week from my server that don't need to spend time going through the rest of the stack. Just for stats, the spam that came through to me (or the two users who report their spam to me) during the same period: Stats since 2002-12-17 Scores : 1.4 19 45 Total Messages: 1116 SA Caught : 1084 (97.1 %) Razor Caught : 817 (73.2 %) Razor Not SA : 1 (0.1 %) Razor Cause SA: 27 (2.4 %) -- Randomly Generated Tagline: "Marriage is a three ring circus: engagement ring, wedding ring, and suffering." - Unknown
msg11453/pgp00000.pgp
Description: PGP signature
