[SDBUG] OpenBSD's "spamd" usable on FreeBSD? [ Now careening with Off Topic goodness ]

James, Jay jay.james at ti.com
Thu Feb 8 10:33:15 PST 2007 

Hola Mike Murphy, long time no see to you. You may not even remember me.
I learned subnetting from you on-the-fly in a 15 minute hip pocket
session a long time ago at blahdblah-ISP. 


After a previous life working as a Unix Admin for a multinational
conglomerate for 6 years, taking SMTP routing from a Data General MU04
box to a DX4-100, to eventually 2 Netras, to offloading spam filtering
through a third party, I have seen the rise of spam from a few a day to
a hundred thousand a day over that time span. It was a fairly big
corporation, since swallowed up by a bigger fish.

Anyway, it took me that 6 years to develop my own blacklists, which I
have migrated to my own home network with fantastic success. 

My point being here that it's a daunting task these days to point-blank
set something up from scratch. Mike, how long did it take you to develop
your list of 32k+ entries? And even more important, whats the uptime on
your VAX cluster? I had always wondered if those rolling blackouts
caught you.


Jcj






-----Original Message-----
From: sdbug-bounces at sdbug.org [mailto:sdbug-bounces at sdbug.org] On Behalf
Of Mike Murphy
Sent: Thursday, February 08, 2007 10:20 AM
To: San Diego's BSD Users Group
Subject: RE: [SDBUG] OpenBSD's "spamd" usable on FreeBSD?

The Barracuda is nice. It costs money for the box, the service, and the
administrator.
 
Milter-greylist running on FreeBSD with sendmail is nice. SpamBayes on
the desktop is nice. They are freely available. It costs money for the
box and the administrator.
 
I disagree with the statment "you aren't going to get that much spam
filtering out of it." I have 32K+ greylisted entries current on my
incoming mail server and 11 whitelisted entries. The 32K+ are spam
(minus the 11 which is still 32K+ :-) SpamBayes has 6K+ messages on my
client system that have been identified as spam since 3/2006. That's 6K+
messages (minus the 200 or so that I dealt with to teach SpamBayes) that
I didn't have to deal with. The 32K+ messages are what's current in
milter-greylist for the last 3 days or so. Notice that milter-greylist
reduces the burden on SpamBayes significantly. I don't want my ISP to do
spam control; I'd just as soon do it myself. I don't want to deal with a
web interface to a black-box to classify spam, either. I don't mind if
my mail is delayed for a half-hour; I have a telephone to coordinate
lunch plans ;-)
 
Different strokes for different folks...
 
(Hi Dave, long time no see)
 
--Mike

________________________________

From: sdbug-bounces at sdbug.org on behalf of Miles Teg
Sent: Wed 2/7/2007 10:14 AM
To: San Diego's BSD Users Group
Subject: Re: [SDBUG] OpenBSD's "spamd" usable on FreeBSD?



You're trying to get your ISP to use this software?  hah!

Considering spam is often sent with legitimate SMTP engines, you aren't
going to get that much spam filtering out of it, so I fail to see how
you
can justify the corresponding 3-5 minute delay in email service.  If my
ISP
took 3-5 minutes to get emails to my inbox, I would switch services.  If
it
somehow blocked all spam, it might be worth it, but anyone using a
subverted
or open 3rd party SMTP server as their relay is going to wait the 3-5
minutes and send you the email again.

Allow me to recommend in its place, a Barracuda Spam Firewall.  This
"black-box" solution is a Linux box running quite a combination of
anti-spam
technologies, including but certainly not limited to SpamAssassin.  With
one
of these in place at our business, which has some 10 year old email
addresses that get spammed like there's no tomorrow, I can't recall the
last
time I saw a spam email get through untagged.  I used to run my own
setup
with RBL lists (which the barracuda has), spam assassin with updated
rule
sets, my own custom filters that I would maintain, everything I could
think
of.  And it was a huge waste of time.  The effectiveness was mostly
limited
to spamassassin and the rbls, and while I was able to take quite a chunk
out
of spam, maybe 70%, it didn't even come close to what the barracuda
achieves.  And now, it's someone else at Barracuda spending their time
tuning the damned thing instead of me.  It also has anti-virus filtering
built in.  Since I have installed this unit, complaints about spam have
gone
to 0, email viruses infecting my office network have gone to 0, and
complaints about false positives have gone to 0.

I do not own stock in, nor am I a reseller for, nor am I affiliated in
any
way with Barracuda, I am just very satified with their anti-spam
firewall
product.  I also use their anti-spyware firewall which uses a squid
based
web proxy to filter phishing and spyware sites and downloads.  Both of
these
products are based on open source solutions, with the added value of
having
the Barracuda people tune and update the rules and tests for the
products
constantly.  The units are updated by Barracuda very often, sometimes
hourly.  The price for the units depends on the size of the unit you
need,
but I got the smallest ones and they still handle the traffic easily and
handle multiple domains.  The yearly cost for the service on the
anti-spam
firewall is like $1500 a think, which I spent *way* more than $1500 of
my
time per year working on filtering spam, searching for lost false
positives,
and removing viruses and spyware from my office lan.

If you're a business owner or IT administrator at any mid-sized
business, I
have to recommend the Barracuda anti-spam product.

http://www.barracudanetworks.com/ns/?L=en


----- Original Message -----
From: "Peter Leftwich" <Hostmaster at Video2Video.Com>
To: "SDBUG" <SDBug at SDBug.Org>
Sent: Friday, January 26, 2007 5:37 PM
Subject: [SDBUG] OpenBSD's "spamd" usable on FreeBSD?


> Has anyone used "spamd" on FreeBSD?  I'm trying to get my ISP to use
it.
>
> If I understand it correctly, it is a sendmail clone, but with one
major
> difference (improvement?) -- incoming messages are told, "Hollld on a
sec,
> let me see if I can deliver your message, please wait 3-5 minutes then
try
> back."  And if the incoming message is a spammer, then THEIR side of
the
> sending gives up and does not legitimately retry.
>
> The sacrifice is only that the recipient cannot receive a message
> immediately.
>
> But, sounds great!
>
> --
> Peter Leftwich, Owner
> Video2Video Services
> Box 13692, La Jolla, CA, 92039, USA
> http://Www.Video2Video.Com
> _______________________________________________
> SDBUG mailing list
> SDBUG at sdbug.org
> http://lists.sdbug.org/mailman/listinfo/sdbug
>
_______________________________________________
SDBUG mailing list
SDBUG at sdbug.org
http://lists.sdbug.org/mailman/listinfo/sdbug

More information about the SDBUG mailing list