BETA: Max SpamAssassin Size for sendmail and Postfix

[Julian Field]

Drew Marshall wrote:
> On Mon, September 11, 2006 12:09, Alex Broens wrote:
>> Though & wish: apply the VERY simple spamc method: "max msg size" and
>> save lots of cpu time and potential FPs avoiding scanning even chuncks
>> of oversized msgs.
>> (incidentaly scanning chuncks breaks some plugins, full & rawbody rules,
>> etc)
>
> Interestingly Messagelabs does just this:
>
> X-Env-Sender: drew at themarshalls.co.uk
> X-Msg-Ref: server-12.tower-148.messagelabs.com!1157891897!1022432!1
> X-StarScan-Version: 5.5.10.7; banners=-,-,-
> X-SpamReason: No, hits=0.0 required=7.0 tests=Mail larger than max spam
>   size
>
That's because they are running spamc to call SpamAssassin. SA is their 
anti-spam tool of choice.

> Please note this is made as an observation. I don't understand enough 
> about all the different SA rules to appreciate what the best choice is 
> (Yet!). Certainly I understand the issues of DoS and indeed the 
> potential of missing large spam messages but I can also see the 
> possible benefits of not scanning very large messages at all for some 
> of my very old and underpowered machines, so I am following this 
> debate with a keen interest.
Considering many of the rules work quite successfully with the headers 
and some of the text of the message, simply ignoring messages over a 
certain size seems a very silly thing to do. Most of the spam detection 
rules work perfectly well with only the start of the message.

-- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk