Author: Ron White Date: CC: exim-users Subject: Re: [exim] Spamassassin bypass
On Fri, 2010-06-04 at 10:35 +0100, Mark Thornton wrote: > The default configuration bypasses spam assassin for messages in excess
> of 100000. We have recently started seeing an increase in spam which is
> just over this limit (103KB). I wonder if there is a connection.
>
> Mark Thornton
>
> In the good ole' days spammers kept them short and sweet to keep down on
the bandwidth and overheads I presume at a bit of a guess.
Since the Botnet has largely taken over the job of spamming, and someone
else is paying for the bandwidth, size is probably only considered by
spammers because it is proportional to amount of spamessages per period
of time.
Spamassassin is a lovely program, but she's a hungry hippo. If it has to
start scanning big messages it will quickly become a bottleneck IMHO.
Best to make sure all reasonable steps, such as IP based ptr/dnsbl
checks are in order before even showing Exim and Spamd a sniff of it.
Personally I've seen only a few oversized spams, but there was a time
when I saw none at all.