[svlug] sa-learn

Rick Moen rick at linuxmafia.com
Sat Jan 24 14:46:53 PST 2015


Quoting Scott DuBois (rhcom.linux at gmail.com):

> However, when you do 'finally' dig that stuff out and set it up,
> you're going to do something with that 'modern' hardware that _most
> likely_ no one has ever considered because you have _decades_ of
> knowledge and experience to recall and apply. I'll bet dollars to
> doughnuts it's going to be something no one is going to be able to
> read from a blog post or any other internet source and it's going to
> be brilliant because it will have solid, proven engineering concepts
> applied.
> 
> That's why I keep asking.

Thank you for the kind words.  In truth, I do my damnedest to let other
people work out the difficult bits, in accordance with the old IT joke:
'You can tell the pioneers by the arrows sticking out of their backs.'

What I aim for is hardware and software that has very long service life
and can be sucessfully neglected shamefully.  That's the major reason I
laugh when people claim it's 'too much work' to run a server.  Done
right, the damned thing runs itself.  (Sysadmin's motto:  Automate,
automate, automate.)

[antispam]

> Eh, I'll figure something out. Kick it around for a while. Try something stupid
> and trivial that may or may not work. If it doesn't, I'll clean up the mess and
> try something else; I'm not overly concerned.

Here's one of many examples of a page that gets it wrong: 
http://www.debuntu.org/postfix-and-spamassassin-how-to-filter-spam/
(Jump to page 2.)

  3. Make Postfix Call Spamassassin

  Now, we need to tell postfix to use spamassassin. In our case,
  spamassassin will be invoked only once postfix has finished with the
  email.

Argh, no.  The correct time to make spamd measure spamicity for the MTA
is _before_ accepting the mail.  That way, if the MTA decides based on
spamd's opinion and other factors that the mail seems too spammy, the
incoming mail can be -rejected- immediately, rather than accepted at
which point you have only unsatisfactory options about what to do with
mail later deemed too spammy.  Rejecting rather than accepting and then
either bouncing or discarding or ghettoising the mail into a junkmail
folder gives the correct 55x SMTP response _immediately_ to the
_correct_ delivering MTA, with no risk of backscatter.  

Any doc that tells you to have the MTA accept the mail first and only
then have spamd process it was written by someone who Doesn't Get It.

That is just one of the ways to go wrong.  My best advice remains for
you to sit down and read the Eximconfig documentation -- irrespective of
what MTA you intend to use.  Once you understand what Boggis's design
is, and why the pieces are architected the way they are, then you can in
theory replicate those results with any MTA.






More information about the svlug mailing list