[Esd-l] Order of Email Sanitizer in procmailrc
John D. Hardin
jhardin at impsec.org
Thu Jul 29 17:17:27 PDT 2004
On Thu, 29 Jul 2004, Mike McCandless wrote:
> In our /etc/procmailrc file (used with Postfix), we invoke the following
> in this order:
> - email sanitizer
> - spamassassin
> - clamav
>
> Should it matter if we modify the order in which email sanitizer runs?
In the current order you may want to apply the spamassassin patch
that's on the sanitizer website.
The order of operations is a subject for discussion: which tool
generates the most system load? Which one discards the most messages?
I would say the AV scanner should be last. I think that's the
"heaviest" tool, but I have no numbers to back that up - can anyone
provide any?
I've tried to make the sanitizer as lightweight as possible.
Single-pass, avoid reading entire attachments into memory, etc.
Spamassassin runs a lot of REs across the entire message body and
headers, and can perform DNS lookups.
Personally, I would say the above order is the best. What is
your reason to alter it?
Anybody else care to comment? Anybody have solid performance numbers
on the various tools?
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The [assault weapons] ban is the moral equivalent of banning red
cars because they look too fast.
-- Steve Chapman, Chicago Tribune
-----------------------------------------------------------------------
46 days until the "Scary-Looking Guns" ban expires
More information about the esd-l
mailing list