Today spam assassin filtered (flagged) 19,246 incoming emails out of 20,145 total on my mail server. Absolutely no false positives since I installed it a year ago.. and only a few false negatives. I silently drop anything with a score over 13... my cstomers are happy.. my qmail remote queue has been happy.. spam assassin is a quality app.. spam is really not a concern anymore.
Allow authenticated users to send their mail and stop processing.
Allow hosts on my LAN to send their mail and stop processing.
Reject mail from anyone else that isn't to one of my domains, or one I'm an MX for.
Use SPF to reject spoofed email.
Use the relays.ordb.org, list.dsbl.org, and sbl-xbl.spamhaus.org DNS blackhole lists.
Greylist all email not coming in from or going out to peer MXes.
Pass everything else to step 4.
4. Content Filtering and Delivery
Use ClamAV to reject viruses. This takes a big load off SpamAssassin.
Use SpamAssassin to tag messages.
Use Cyrus's Sieve to reject high-probability spam, put medium-probability messages into a "review" folder, and filter everything else into the appropriate folders.
I reject over 95% of all incoming mail before it ever gets to SpamAssassin. This means that SA's success rate isn't as good as on other systems (since I weed out all of the obvious spam), but my mailbox is happy and shiny.
SpamAssassin is a brilliant last line of defense, but I wouldn't advise just dumping your raw incoming stream into it. Much of the useful information about a message isn't available to spamd (such as your list of local domain names, relay domains, etc.) and you should consider using a set of cheaper filters to flush out the blatant chaff.
1. Use ClamAV to reject viruses. This takes a big load off SpamAssassin.
This should be the other way around. You should run them through spamassassin before ClamAV. ClamAV is more processor intensive, and many virus emails will get discarded by SA without having to go through Clam. Whereas you'll be clamscanning lots of virus-free spam this way around.
Not in my experience. Maybe it's the size of my Bayes databases, but clamd uses significantly less CPU than spamd on my particular system. YMMV, of course. Anyone who blindly implements my solution without understanding it and tailoring it to their own needs is likely in for a few nasty surprises.
"Well hello there Charlie Brown, you blockhead."
-- Lucy Van Pelt
Bout Time! (Score:3, Interesting)
Re:Bout Time! (Score:5, Interesting)
Re:Bout Time! (Score:5, Informative)
1. HELO Filtering
2. Sender Filtering
3. Recipient Filtering
4. Content Filtering and Delivery
I reject over 95% of all incoming mail before it ever gets to SpamAssassin. This means that SA's success rate isn't as good as on other systems (since I weed out all of the obvious spam), but my mailbox is happy and shiny.
SpamAssassin is a brilliant last line of defense, but I wouldn't advise just dumping your raw incoming stream into it. Much of the useful information about a message isn't available to spamd (such as your list of local domain names, relay domains, etc.) and you should consider using a set of cheaper filters to flush out the blatant chaff.
Re:Bout Time! (Score:1)
This should be the other way around. You should run them through spamassassin before ClamAV. ClamAV is more processor intensive, and many virus emails will get discarded by SA without having to go through Clam. Whereas you'll be clamscanning lots of virus-free spam this way around.
Re:Bout Time! (Score:2)
Not in my experience. Maybe it's the size of my Bayes databases, but clamd uses significantly less CPU than spamd on my particular system. YMMV, of course. Anyone who blindly implements my solution without understanding it and tailoring it to their own needs is likely in for a few nasty surprises.