Set it and forget it?
steve.swaney at fsl.com
Mon Nov 26 22:35:17 GMT 2007
Ugo Bellavance wrote:
> Steve Campbell wrote:
>> Ugo Bellavance wrote:
>>> Steve Campbell wrote:
>>>> I'm curious as to how much time is spent by most of the email
>>>> admins here using MS. I realize that some of my efforts could be
>>>> streamlined by upgrading to the latest release, but the people here
>>>> seem to think that this is a "set it and forget it" type of operation.
>>> I don't believe that.
>> Gosh, maybe it _is_ me then.
> Not sure. What I meant is similar to what Hugo said. It does need
> maintenance, as spam is evolving. We see a new version of SA almost
> every 3 months, MS about the same, then razor, DCC, system updates.
> More components you have, more effective it is, but more maintenance
> it requires.
> What I meant is that it is not a system that you can install and let
> hum for a few months w/o touching it.
We do make such a system. It's not as flexible as MailScanner and it's
not open source but it does run for a long time with very minimal
maintenance and very little cost.
It's our BarricadeMX product with SpamAssassin (using spamd) and ClamAV
(using clamd) along with Razor, SARE rules and DCC. All of the software,
The operating system, CentOS 5, and all applications are updated using
rpms. Many of which we maintain in our own yum repositories.
Since BarricadeMX typically correctly identifies over 90% of the
incoming mail as spam and rejects it with an NDR, there aren't a lot of
messages to push through SpamAssassin or ClamAV.
And since there are few options:
* You can reject at the MTA level with NDR if spam score is greater
* You can tag and deliver if spam score is less than x.xx but
greater than y.yy
* You can deliver untouched if spam score is less than y.yy and
Message passes ClamAV
* You can reject with NDR is message is rejected by ClamAV.
* You can white / black list with a web interface
And you cannot:
* Block on filename or file type
* Disarm dangerous HTML
* Quarantine anything (not necessary because messages are rejected
with an NDR or accepted)
Most of the cool things MailScanner can do to protect your email systems
are not available. This is a basic but simple system.
You do get a very low maintenance, high capacity gateway that does a
very good job at detecting spam with little white / black listing
required and a very low false positive ratio.
A single core, single CPU system with 2 GB of memory can actually handle
over 1,000,000 delivery attempts a day so you can push a LOT of mail
through relatively inexpensive systems.
We have very inexperienced Systems Administrators using these systems
because it really is as simple to maintain as running `yum -y update`.
And if you want the best of both worlds and don't mind a bit more work,
you can run BarricadeMX on most MailScanner systems. This gives you very
high capacity gateways that really block almost every bit of the junk
that's out there
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 305 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20071126/7da712a0/steve.swaney.vcf
More information about the MailScanner