|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Another SPAM doubt
From: Covington, Chris (Chris.Covington
plusone.com)
Date: Thu Dec 01 2005 - 14:47:26 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Dec 01, 2005 at 10:45:54AM -0200, Sergio Ferreira wrote:
> Hi List,
>
> I still setting SPAM stuffs at my setup, now I have one doubt about some
> third parts tools. I have known about integration of Postfix and Clamav,
> Spamassassim too, instead of Postfix + Clamav + Amavis + Spamassassin.
> Anyone had experienced boths cases for help me with the advantages and the
> disadvantages between them?
> Without Amavis my server will be trustworth too? My question is about should
> I use Amavis or not? Some people says It is more easy to manage these things
> with Amavis, It is true?
>
> Any conserning will be very wellcome to make things more clear.
I'd like to weigh in here. We used SpamAssassin/amavisd-new for about 2
or 3 years and the results were acceptable, the setup was fairly
straightforward and the overhead was low. It's a good beginner's setup
that will take care of 90-95% of your spam problems. The problem with SA
(and most commercial products, but I digress) is primarily that it's a
one-size-fits-all solution, and secondarily: it assumes English as the
primary language of all spam, it has a lot network test latency, it
primarily adapts through new versions containing new rulesets, etc.
(For instance, with our population medicine, nutrition & health
enhancement are integral parts of every day business, not spam!)
Network tests help SA a little in this regard, but in many ways it's a
static system that waits for the next release to be more effective, and
its efficacy drops over time until the next version, etc.
In the last few months we've preserved amavisd-new to do virus scanning /
attachment blocking, removed SpamAssassin, and we've added DSPAM which
does the anti-spam. DSPAM is fairly difficult to setup and understand
(the documentation is sparse) but it's very effective and adaptive.
DSPAM is also more of a resource hog: we have a 400MB or so global MySQL
database compared to SA's small-footprint client installation. This
database contains 30,000 or so messages in the spam corpus and 40,000
or so in the ham corpus. The message scanning times are faster, but
the resources required are much higher. With all that said, it's an
excellent solution. It's highly accurate (we're at 98.87% right now,
this constantly gets better): The database is specially-tailored to
our users' email patterns, and our users continually update it themselves
by forwarding false positives and negatives to training addresses.
So if you have the patience, skills and hardware required to use
DSPAM, go for it!
---
Chris Covington
IT
Plus One Health Management
75 Maiden Lane Suite 801
NY, NY 10038
646-312-6269
http://www.plusoneactive.com
!DSPAM:1,438f6162289285153766755!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]