My 1700 rules CRUSHED busy servers. This is why I sort them now by order of hits. So people can prune the rules to the heavy hitters if they wish. It was the only way I could think to make them still usefull for people. Also they can adjust scores for the ones that hit the most often.
--Chris "Kill for a URI DB eval" Santerre > -----Original Message----- > From: William Stearns [mailto:[EMAIL PROTECTED] > Sent: Monday, November 17, 2003 1:23 PM > To: Robert Menschel > Cc: ML-spamassassin-talk; William Stearns > Subject: Re: [SAtalk] Sanity checking new uri rules? > > > Good afternoon, Robert, > > On Fri, 14 Nov 2003, Robert Menschel wrote: > > > Friday, November 14, 2003, 12:53:45 PM, you wrote: > > > > WS> I'm now trying > > WS> to take these domains and check the URI's in the body > for them as well. > > WS> My first attempt to do URI rules is at > > WS> > http://www.stearns.org/sa-blacklist/sa-blacklist.2003111402.uri.cf > > > > I'd run these through my corpus, but I'm not sure what the effect of > > 4.8k tests would have on my server during masscheck. > > > > WS> Would someone be willing to just take a quick > look and see if my > > WS> approach makes sense? I hate screwing up _other_ > people's SA installs, > > WS> and that's why I'm putting these in a seperate file > until I'm comfortable > > WS> with the results. > > > > Running normal tests against my corpus, 1-15 tests, > masscheck runs 15-18 > > or so minutes. Testing 200 rules took 20 minutes. Figure 1 > minute per > > 200 rules, 4800 rules would take an additional 24 minutes. > I hesitate > > putting this shared server through that load. > > So if I read you correctly, adding 4800 rules > essentially triples > the cpu time needed to process a given message or collection > of messages. > Are there ways to improve the performance of the checks? I ask > because these URI rules are tripping on about 50-60% of my > current spam - > much more than the corresponding source domain blacklist rules. > > I hope you'll pardon my ignorance, but I don't know how to read > the masscheck results. Were there any other useful nuggets > that came out > of that report? > Thanks for taking the time to report back, even if I'm too > inexperienced to understand your response. :-) > Cheers, > - Bill > > -------------------------------------------------------------- > ------------- > '"I wish those people just would be quiet," he said > of computer > researchers who publish vulnerabilities in Microsoft's products.' > -- Steve Ballmer, Microsoft > (Courtesy of > http://story.news.yahoo.com/news?tmpl=story&u=/washpost/200310 10/tc_washpost/a6043_2003oct9) -------------------------------------------------------------------------- William Stearns ([EMAIL PROTECTED]). Mason, Buildkernel, freedups, p0f, rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org Linux articles at: http://www.opensourcedigest.com -------------------------------------------------------------------------- ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
