On Mar 17, 2004, at 1:10 PM, Bob George wrote:
I started using procmail for filtering a couple of years ago, but have
recently supplemented it with bayes (bogofilter) and spamassassin,
trying to find a good middle ground. I like spamassassin for its blend
of capabilities, but there's no denying it imposes performance
overhead..
There are a handful of spamassassin rules that hit significant numbers
of incoming spams. Converting some of these to procmail recipes would
allow a "coarse screen" to be put in place with procmail, avoiding the
need to process obvious spam through other tools altogether (part of
my beloved layered defenses).
An example rule that is detecting many of the random-word,
bayes-poison spams:
body PT_WORDLIST_30
/(?:\b(?!(?:from|that|have|this|were|with)\b)[a-z]{4,12}\s+
){30}/
describe PT_WORDLIST_30 string of 30+ random words
score PT_WORDLIST_30 10.0
A rule like this is pretty straight forward in SA, and if you are using
spamd/spamc it is fast and cheap.
In procmail, pre-scanning body-text is not fast and not cheap.
I would suggest, if you want to adopt some SA rulesets, concentrate on
those that check the headers only, that's what you want to pre-screen
on.
--
Generalizations are always inaccurate. -Mugsy
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail