Spam Assassin on a Linode 360?

I've been running Spam Assassin (SA) at home - when my Linode was a 64, there was no way it would support SA. Now that I have Linode 360 (thanks to the magic of Caker!), and I need to re-arrange my home setup, I'm wondering if it's feasible (and advisable) to run SA on my Linode. Anyone with opinions and experience? I seem to average about 400-500 mails day that get past the frontline greylisting and RBL checks I already do on the linode.

Thanks,

Steve

8 Replies

@SteveG:

I've been running Spam Assassin (SA) at home - when my Linode was a 64, there was no way it would support SA. Now that I have Linode 360 (thanks to the magic of Caker!), and I need to re-arrange my home setup, I'm wondering if it's feasible (and advisable) to run SA on my Linode. Anyone with opinions and experience? I seem to average about 400-500 mails day that get past the frontline greylisting and RBL checks I already do on the linode.

Definitely doable - my linode 360 takes about 10 seconds to process each message.

I run via this configuration on a Linode 360:

postfix

  • setup to use MySQL and postfixadmin to do virtual hosting

  • a header_regexp rule to move all messages to the HOLD queue

MailScanner

  • configured to postfix

  • using SpamAssassin (not via daemon)

  • using clamav (not via clamd or the clamav module)

  • set to scan every 30 seconds

It works out well. MailScanner uses about 43 megs of RAM. Less, I believe, if I tell it not to use clamav. MySQL is using 21 megs, but its also managing databases for other things. Clamscan will use 20-30 megs for the short time it runs. Nothing else involved with the mail system uses any significant amount of memory.

I was originally using amavisd-new but setting up postfix for it was a pain, it was difficult to configure itself, and it used a LOT of memory - something like 160 megs.

@SteveG:

I've been running Spam Assassin (SA) at home - when my Linode was a 64, there was no way it would support SA. Now that I have Linode 360 (thanks to the magic of Caker!), and I need to re-arrange my home setup, I'm wondering if it's feasible (and advisable) to run SA on my Linode. Anyone with opinions and experience? I seem to average about 400-500 mails day that get past the frontline greylisting and RBL checks I already do on the linode.

Thanks,

Steve

I am running spamassassin, sendamail,clamav, mysql, lighttpd and seems to be OK on the 360. I had the same config on a 540 and it was stable as a rock (with apache2). The only hiccup is clamav when it updates. That really spikes the cpu (a known problem with clamav).

I just switched to lighttpd and I believe that will do the trick. Time will tell.

is it possible to integrate the spamassassin-scirpts into a working postfix so that it processes all mails as ever, but the only the [email protected] - mails with spamassassin? i would love to have spamassassin on my linode 360.

thx!

@cattani:

is it possible to integrate the spamassassin-scirpts into a working postfix so that it processes all mails as ever, but the only the [email protected] - mails with spamassassin? i would love to have spamassassin on my linode 360.

thx!

What do you mean? You only want addresses with three .-seperated words to go through SpamAssassin?

yes, either that or messages addressed to a specific domain, i then would buy a special domainname i only user for spamassassin. i just want to keep my mailsetup and run spamassassin too (with the same instance of postfix)

By far the easiest way to accomplish that would be to run spamassassin on delivery to that user, via procmail or some such.Otherwise, playing with postfix transports might work. But in both those cases, it's too late to reject, which is my only purpose for running it on the linode.

I've got exim4 with sa-exim running on my Linode 360, and it runs great. I've implemented a couple of layers of spam protection. First, I outright block all servers in any Asia net block. I don't have a requirement to receive mail from them, so I'm not worried about losing email. Second, I have exim checking senders against the SBL-XBL at RCPT time. If they are listed, they don't get to deliver. Finally, Spamassassin scans the mail and runs all of its checks (again at RCPT). If the message exceeds a certain score, exim rejects the message (the message is saved to disk for review).

The Spamassassin wiki has some performance tuning tips at http://wiki.apache.org/spamassassin/FasterPerformance if you are having problems. Debian's (and therefore Ubuntu's) default setup doesn't appear to need much tuning.

My server isn't seeing huge amounts of traffic. It hosts my personal domain and probably sees 1000-2000 connections/day with maybe 10% of those getting through to Spamassassin. I haven't seen CPU usage go over 10% with this setup. I'd love to be able to have a graph that shows total delivery attempts and how messages were actually delivered…thats a project for another day.

Ben

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct