We’ve had some discussions on global content filtering recently.
There was an interesting thead on the postfix-users mailing list that had some good suggestions on how to optimize performance with Spamassassin…
These threads (as well as some threads that Jeff forwarded from the SA-Talk list) were interesting (follow the ‘next in thread’ links to view the next message).
This comment (from the SA-Talk list; too lazy to google for a link right now) was also interesting:
[quote]To use SpamAssassin in a production environment, we do a number of
optimisations. We patched Net::DNS to remove the use of $& , which
speeds up all SA regexp matches by orders of magnitude.
So most likely it would have to be run as a Postfix content-filter, make no changes to the body (spam report in the headers), and we’d have to skip checks that are more epensive.
Other (good) suggestions were to run spamd on a different machine from the mail machines. However the content-filter itself needs to be very robust, and failure tolerant. I am leaning towards Amavis at this point (well one of the many Amavises that are around right now), even though I have very little experience with any of the Amavis variants (we use RAV for virus scanning here in the office).
Anyway an interesting idea, and we’re certainly weighing our options. Jeff can attest to the fact that I was very hesitant to even consider something like this. I still have some reservations about Spamassassin for such a large, production level project, even though I find it very effective for keeping spam out of my inbox.
Ok - back to sleep - kinda tied one on last night, and I keep trying to enter vi commands (hitting escape and what not) in this browser text box (not sure if the two are related)… Sick, I tell you.