On Wed, Jul 21, 2004 at 02:05:42PM -0400, Curtis Maurand wrote:
I've need more machine due to trying to catch spam. Worse, I'm getting
way too many false positives. Spamassassin/Razor only catch a fraction
of stuff that gets sent. without the extra filters (on the order of
200 to 300), I would get 40 to 50 per day. I'm really really frustrated
I can only say I think you are working hard but not smart. No insult
intended.
I have described in general terms here my setup before. A few others
do some similar things. In a nutshell, I've under 40 anti-spam
recipes, all but four of which are headers-only checks; and I have
1/1000 false negatives and about 9/1000 false positives. It is very
light on the machine. I have mail convening here from 22 domains,
and I get lots of legit mail from weird and unknown places, so
I can't be too cavalier with my heuristics.
I don't meant to sound like I'm bragging. It's hard work, and I
admit it! But that's the biz we're in. If you sysadmin 100 users,
then I say, well, hunker down and do some homework and get it
done. There are no easy shortcuts to putting in the time and
learning, with thinking cap in place on head. However, there are
helpful resources around now that were not there years ago, including
paramount among them Nancy McGough's QuickStart tutorials. The
result to well done work is almost always rewarding.
People often misjudge the preparation effort involved in coding
with procmail. After all, the language is meager and flat; there
are few bells and whistles, but also thereby few overweening
constructs to have to sweat-effort your way through (once you
get past the scoring syntax basics and some other, oh, shall we
say eccentric expressional nuances). In short, people often tend
to think that with a spare language, it should be easy to
stay out of trouble. To the degree that they don't think through
their strategy (heuristic) and build their algorithms soundly,
though, they fool themselves! For this procmail stuff is no different
from coding in any other language. Do sloppy prep work with bad
or no internal documentation, and you have a rat's nest of code
that will cause you infinitely more grief than good. On the
other hand, plan out your attack with some mental rigor, and do
the homework to get you up to speed on articulating those ideas
in the language, and you will be surprised at the ease and
subtlety and success -- even with what we may in all fairness call
a "brittle" little language like procmail. And developing for
yourself at least a yeoman's facility with regexes is an excellent
first start.
It would still be handier to have procmail record its process id with
each entry in the logfile.
I thought David posted that yesterday.
LOG = "
$$
"
--
dman
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail