On Thu, Oct 23, 2008 at 03:15:33PM +0200, mouss wrote:[color=blue]
> Brent Clark a écrit :[color=green]
> > Hiya
> > I would like to know, what are the implications of using / enabling
> > shortcircuit.
> > Other than speeding up the scan processing, from my side, I cant see a
> > downgrade in spam detection.
> > [/color]
> if you don't have performance issues, don't shortcircuit. The more you
> check, the better.[/color]
Lets get some facts straight.
If you are not certain what you are shortcicuiting, don't do it. But you
don't need to have performance issues to do it! I like to save resources for
a bad day (spam flood?).
Why bother scanning?
I have extensive list of trusted_networks for whitelisting purposes. How
can you whitelist people if they send through a large ISP smarthost etc and
they are not using DKIM? Not with whitelist_from_rcvd/spf. Well ok, you
can, but there is a small chance of spoofing. But why risk anyway, since
this does the job efficiently. Hits 13% of all traffic.
My magic rule:
(BAYES_00 && RELAY_FI && !ANY_BOUNCE_MESSAGE)
Bayes works extraordinary well, since most my ham is in Finnish, and spam
in English.. together with relay from Finland (very small source of spam)
it skips almost 40% of my traffic! (BAYES_00 alone is about 50%)
There is no point checking known good traffic. If you can identify such
rules, good for you. I really don't care if there are very few non-serious
FNs. ClamAV/Sanesecurity will catch most anyway.