Hi everybody,
I'm currently thinking about switching from amavisd to DSPAM. Although I don't
have any DSPAM experiences (I'm a complete DSPAM newbie), I read a lot of
HOWTOs, FAQs and documentation about DSPAM over the last weeks. From what I
read, DSPAM sounds great and I consider to get rid of amavisd now. However
there a a few questions I didn't find an answer on yet, so I could need some
advice from the DSPAM experts here :).
Some information on the current system: The site I'm responsible of runs
Gentoo Linux with postfix 2.2.5, maildrop 1.7.0, amavisd-new 2.3.3 and clamav
0.87.1. About 7500 users have virtual mail accounts on the primary domain. 6
secondary domains consists of a few hundred aliases to users on the primary
domain. Unfortunately about 50% of our users don't have a local mailbox but
use a mailForwarding to different providers (since we don't provide a webmail
interface (yet), many users forward their mail to some freemail provider).
Even if it's easy, only few users here will understand how to handle spam
(relearn false detections) on their own, so I expect that most users won't
ever get useful dictionaries and I need to find a way to configure groups so
that most users can benefit of dictionaries that a small number of users (who
know how to relearn spam/ham) mainain. From what I saw, the best way would be
to use the neural network feature, which is unfortunately still experimental.
My question: Does the neural network feature already work stable enough to
enable it in my case or do I have to expect problems and should better stick
with classification groups?
From what I read, I have 2 choices to integrate DSPAM into the mailflow (a
pop3 proxy is not an option here). Either run it as a postfix content-filter
(SMTP/LMTP filter with reinjection to postfix) or run it as the LDA (DSPAM is
the LDA for postfix and calls maildrop afterwards).
Currently amavisd runs as a content-filter, which works fine, but I'm thinking
about using DSPAM as the LDA. This would have the advantage that the postfix
log would be finally somewhat cleaner (a content-filter reports everything
twice in the log and messes up stats). On the other hand DSPAM as the LDA
would not touch 50% of the users, because their mails are forwarded to other
providers and never see the LDA. I personally wouldn't care about this users,
since if they don't use other providers, I'm fine with having them stick to
the other provider's spam filters as well. But I'm afraid that the other
providers will probably see an increased amount of spam coming from our
server (since if somebody has a mailForwarding, the mails do get forwarded
unconditionally). Is it likely that the other providers spam filters could
detect an increased amount of spam from our server and therefore classify our
server as a potential source of spam so that they start to drop more and more
messages coming from us?
If that'd be the case, I should better stick with the content-filter way so
that forwarded mails also get filtered. If that wouldn't be an issue, the LDA
way looks better to me (cleaner logfile, less overhead withouth lmtp
ping-pongs and outgoing relay mails don't need to be scanned since we only
relay on valid smtp-auth). Or am I missing something?
I'd appreciate any advice :)
regards,
Andreas Neuhaus
This archive was generated by hypermail 2.1.8 : Mon Nov 14 2005 - 00:00:01 EST