mkettler_sa at verizon
Nov 21, 2009, 11:00 AM
Post #3 of 4
(626 views)
Permalink
|
Michael Monnerie wrote:
> I can't reach Bill Stearns, so I try at this list:
>
> Dear Bill,
>
> I'm using the sa-blacklist.reject for postfix since a long time, but
> these last days your rsync doesn't work anymore:
> rsync: failed to connect to rsync.sa-blacklist.stearns.org: Connection
> timed out (110)
>
> So I had a look if something changed on
> http://www.sa-blacklist.stearns.org/sa-blacklist/
> but obviously the information there is quite old: If I download the "sa-
> blacklist.current.reject", it has a version of April: 200904171539
> while my last rsync version is 200910142031
>
> Any chance for a fix?
>
> mfg zmi
>
SA-blacklist and sa-blacklist-uri are both dead as far as use within
SpamAssassin goes. Although someone updated it in 2009, for all
practical purposes it's use as a SA ruleset has been dead (or at least
dying) since 2004. (when the WS sub-list of surbl.org was created)
While it was an interesting case study, but it is *VERY* inefficient,
and will kill most servers. Any use of it should be restricted to
research purposes only (i.e.: reading the list manually to study
patterns in emerging spam domains). It is too heavyweight to use under
SpamAssassin.
The plain sa-blacklist was not very effective, and consumed lots of
memory (750MB per spamd instance?). This list worked on the From:
address of the message, which spammers recycle very quickly. This means
lots of addresses, a huge list, and very low hitrate due to low re-use.
Plain and simple waste of memory to use it under SA. (although manually
looking at the list does have some uses... as noted above..)
The URI version has become the WS list over on surbl. This version had
better hitrates, but the very large list consumed large amounts of
memory too. Also, searching this huge list as a large number regular
expressions is so computationally intensive that most systems can
complete a DNS lookup against surbl.org before the regexes finish
running. It is not unheard of for this ruleset to add 10 or more seconds
to message processing, in addition to the over 1 gig of ram it consumes.
Sure a more recent server with more CPU beef and fast ram could probably
complete it in 3 seconds or so, but that is still slower than a DNS lookup.
Most admins are not willing to devote several gigs of ram just for their
SpamAssassin instances. I doubt you are either, so please don't use
sa-blacklist.
Unless you're looking to use it as a data set for analysis purposes, it
is dead, and has been for a long time. The valuable parts have evolved
into parts of SURBL, which is already in SpamAssassin, unless you're
dealing with a version that is over 4 years old.
|
signature.asc
