We have a system here in which several accounts get a ton of SPAM and spamd (SpamAssassin) is constantly using a ton of memory. Our machine is used for both our website and our email. Our LAMP based website gets a lot of traffic, so when the server slows down due to email scanning it's frustrating. To keep costs low, it's not a real beefy machine either, Pentium D 925 3.4GHz with 3GB of RAM.
Upon inspection, there is one main offender receiving 10,000 SPAM emails per week and a couple of others receiving about 2000. The rest of the addresses receive none.
Since the bulk of the SPAM is being received by one account, do you think it is worth while to change that person's email address? And by the same extent, the others. This is what seems to be the best/easiest/cost-effective solution to me. They don't want to do this, but I have to figure out what's best for our whole system. I know SpamAssassin will still use resources to scan emails, but next highest person (who doesn't receive any spam) is getting about 500 emails per week, so the volume is reduced by up to 20-fold. The offending account is such a stark contrast to all the other accounts, and the server is using a lot of resources, constantly scanning their emails, which are all (99%) junk anyway.
Any thoughts would be greatly appreciated. Thank you.
Answer
Are you doing any RBL checks at SMTP time? In my experience, those catch 90% of spam, and it's much easier on the system to do an RBL check during the SMTP transaction (and then reject the mail) rather than having to accept the message and then make the system scan/parse the email through spamassassin.
RBL checks are fairly simple to set up with most MTAs.
No comments:
Post a Comment