[pmg-devel] PMG with rspamd

Christian Heutger christian at heutger.net
Tue May 29 11:49:23 CEST 2018


see below. BTW, are here non-german speakers reading? Otherwise can switch to german.


Am 29.05.2018 um 06:28 schrieb Dietmar Maurer <dietmar at proxmox.com>:

>> There is not only ham and spam, were are more levels possible, 
> SA has a full featured test system, and you can logically combine the results of
> all those test.
> So there is not only HAM and SPAM when you use SA!

Sure, but needs adjustment then. I search for an out of the box solution with less adjustments, maybe a bit of customization.
>> it's faster, it has smaller footprint, 
> But that is mostly neglectable considering all the other processing steps (virus
> scan, postfix, DNS queries, ...)

No, that’s what I was talking about as you told PMG and rspamd are competing products, they aren’t, the spamassassin part is replaceable by rspamd, so virus scan, postfix, dns queries all of them have, just need to compare only the content filter. Also virus scanning is possible with Sophos faster in rspamd, as it’s integrated there with DI instead of starting the CLI every time.
>> I can tell more about the quality after some days of testing, but SA has some
>> false-positives and false-negatives 
> come on - any classification tool has false-positives and false-negatives.
> Simply claiming rspamd does not have
> any wrong classification is definitely wrong.

It was promoted, that it has less false-decisions, however, I can agree or not once I have my test setup running a while. Currently I would say, it’s somehow similar with a small advantage on rspamd side. However, my rspamd is mostly like out of the box (just added some rbls and dcc) meanwhile spamassassin is tweaked by your KAM rules setup and razor2 + the same rbls + dcc + pyzor + geoaddon + heinlein, schaal, zmi, sought rules. My addons improved quality a bit.
>> and requires improvement for scoring to work better.
>>> you can also implement this without rspamd.
>> Yes, everything can be done without rspamd, but if I have a SA setup which
>> does not provide all abilities, I would try out something else/new, which
>> looks like the "Eierlegende Wollmilchsau".
> We use SA for more than 10 years now, it is extremely stable and reliable. So I
> would do everything
> to keep SA. If we detect errors, we fix them instead of replacing the whole
> software stack with
> something new and untested.

But you can see developments like bogofilter or orangeassassin coming from spamassassin getting old with modern replacements coming in like nginx, systemd, uefi, ... And it’s already out a while and tested yet.

However, it’s not wrong to stay on spamassassin, but also spamassassin allows rejects implemented via milter, which is already somehow standard and show the extracted froms and subject lines.
>>> That already works with the current system (See AVAST code ...)
>> Yes, but it's only avast which had bad publicity.
> If you want something else, please implement it and send patches (it really easy
> to do).

I‘m no developer any more, I don‘t know on how to use Sophos DI e.g. or on how to implement from extraxtion or subjects showing. Also would be an idea to replace „your“ spamassassin by mailwatch/mailscanner, but I‘m afraid, I can’t have e.g. two spamassassins on the system and as of same config files/paths will break system.

More information about the pmg-devel mailing list