Recommended spam.lists and/or sendmail dnsbl settings?
Duncan, Brian M.
brian.duncan at kattenlaw.com
Wed Dec 12 21:05:50 GMT 2007
> > "The Spam Lists To Be Spam" directive could still be set, but
> > MailScanner could quit RBL checks after meeting that condition.
> >
> > It could even increase performance couldn't it for heavily
> loaded mail
> > servers?
> It would actually lower performance as each message would
> have to be checked one at a time one list at a time instead
> of firing off multiple queries and looking at the hits
> afterward. Think of telling a joke in a room full of people.
> Do you tell one person at a time and wait for a laugh (or
> not), or do you tell groups of people at the same time?
> If a sysadmin trusts a list that well, he/she usually uses it
> at the MTA. That is the only way to really cut the load,
> because no further processing is done on it. The batch
> processing is what puts mailscanner ahead of the other
> options like mimedefang or amavisd (or ???).
I know this was from last week, I have been busy and did not see your
reply till today.
So you are saying currently Mailscanner sends out queries to ALL the
RBL's listed in the mailscanner conf, but does NOT wait for ALL of them
to reply?
Your analogy on telling a joke to a room full of people makes sense, but
if you have to wait for the room full of people to all laugh or not
laugh it seems less efficient unless I am missing something there.
>From what I can see in my logs normally I have log entries for ALL the
RBL's that each message failed against. And only if an RBL times out
does it skip it. So does mailscanner after it queries all the RBL's
initially continue without pause even if one of the RBL's does NOT
answer?
I do see how serial lookup could slow things down now though, if RBL one
say no, then it goes onto RBL 2, etc.. So any valid mail will still wind
up queuing ALL the RBL's anyhow. Just not all at the same time, which
would add delay(how much I don't know). But if as it works now ALL
RBL's have to reply before Mailscanner thinks that it is done with that
message, the difference in time might be very minor. Especially if it
was serial, and you only wanted 1 RBL to fail and your servers receive
allot of Spam. (and your first specified RBL check is what you get your
largest hit on anyhow)
>
> >
> > In my organization we rely on MailScanner to do the RBL checks and
> > pass ALL mail through to end users (We need to, they can
> never afford
> > to miss a message) RBL failed messages are considered high scoring
> > spam and get a slightly different identifier to quickly identify an
> > RBL'ed messages from one that failed do to message content.
> >
> Since you forward all messages, you could have some
> preprocessor do rbl checks and add headers and then get
> mailscanner to not re-scan those.
I guess I will have to look into that if I want to do it. I just
figured it might be a benefit to have the capability to do it in
Mailscanner since it already has the RBL checking functionality, just
not the capability to do it in a serial manner.
>
> In my organisation, if they are on a trusted RBL, they only
> send spam.
> Otherwise the un-trusted RBL's are scored with spamassassin
> like other content. That way a message in a less than
> reliable list, with no other content problems will usually
> get through unmolested.
>
Yeah in my situation I work in an environment where a client could
technically be a Spammer. So many users need ALL messages that were
sent to them. I don't have the option of telling a user, the reason you
did not receive message X which related to a deal you were working on
was because they use an ISP that they just switched to that got assigned
a previous block of addresses that were black listed. They don't care
what I say, they just care they did not receive the message. So we do
this for all users. If something is RBL'ed and it came from a Spammer
we just tell them to add the user to their safe sender list in Outlook
and then I can still fight Spam while giving individual users the
control to receive what they want. Back before we did this, do you know
how much time I would waste having to assist other companies IT
departments in getting off an RBL? Now I never have to.
I wish I could dump RBL'ed messages at my edge. But all I can do is
wish.
>
> --
> MailScanner is like deodorant...
> You hope everybody uses it, and
> you notice quickly if they don't!!!!
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
===========================================================
CIRCULAR 230 DISCLOSURE: Pursuant to Regulations Governing Practice Before the Internal Revenue Service, any tax advice contained herein is not intended or written to be used and cannot be used by a taxpayer for the purpose of avoiding tax penalties that may be imposed on the taxpayer.
===========================================================
CONFIDENTIALITY NOTICE:
This electronic mail message and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information that is proprietary, privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information may be subject to legal restriction or sanction. Please notify the sender, by electronic mail or telephone, of any unintended recipients and delete the original message without making any copies.
===========================================================
NOTIFICATION: Katten Muchin Rosenman LLP is an Illinois limited liability partnership that has elected to be governed by the Illinois Uniform Partnership Act (1997).
===========================================================
More information about the MailScanner
mailing list