User for SpamAssassin Mail List wrote: > Hello, > > We have a mail system that looks at about 30k incoming emails a day. We > have been running SA for about month (ver 3.03).
WARNING: 3.0.3 is subject to a remotely exploitable DoS attack. All an attacker needs to do is send you a bunch of malformed messages. > We run this on a spamass-milter off of sendmail. With the standard rules it > has been > running OK but does not stop as much spam as we would like (we do sa learn > as well). The system runs about 1 gig of memory and is pretty fast. > > Anyway I just put on " rulesdujour" and got it up and running but what a > big jump in resources.... So what would the common consensus be on what > rules to run to make the biggest dent on incoming spam with a smallest > jump in resources? Definitely do not use any "large" rulesets if you don't want to waste at ton of resources. Most especially "BLACKLIST" in RDJ's trusted ruleset. Also, since you're using 3.0.x, don't use antidrug. These rules are built-in on 3.0.0 and higher.
