Tom Metro wrote: > I imagine that the already small population of geeky people who ran mail > servers for personal use has gotten even smaller.
I'm one of the holdouts who still runs a personal mail server, 20 years later. I use spamassassin with just the free dcc, razor2, and a handful of homebrew rules for filtering. But with the rise of port-25 filtering by cable/DSL providers starting a decade ago I had to supplement this with a couple of the following types of commercial and/or free services: 1) Inbound forwarders 2) Outbound relays 3) Spamassassin-compatible filtering-agent service 4) Inbound front-end services The other two options you can choose are appliances (many of which are just embedded systems with Linux and Spamassassin installed, tied to a filtering database in the cloud), or commercial web hosting. That last category has captured about 99.99% of the market these days; I work at a company which uses one, and my last job was at a fortune-500 company which also used one (most are just glorified Microsoft Exchange servers). A few comments about the services I use: For item #1, forwarders, much inbound spam gets caught by the relatively lightweight rules of the DNS provider I use, EasyDNS, which also includes port-25 remapping as a free service. For item #2, there are a whole bunch of companies which you can aim your outbound postfix/sendmail config at via the smarthost/transport map rules. Many of them are in the same niche as Constant Contact and its ilk; they live or die by the reputation of their outbound IP addresses, so they have to manage all the "take-me-off" requests to maximize deliverability. The beef I have with most of these services is they don't strip the outbound Received headers, which means the IP address of your outbound mail is visible to the recipient. Officially, that's not supposed to matter; unofficially, a gazillion large webmail providers (read: yahoo, aol, et al) include any IP address they can see in the headers as part of their secret spam-control methodology. A couple years ago I sampled about a dozen companies in this category, and found only one (MailJet) that strips outbound Received headers. You're reading this through that service now, so the headers of this message should show you what I mean by that. For item #3, I subscribed to one of these about 3 employers ago, and it worked great. I don't see that company listed at the Apache site anymore so maybe it wasn't such a profitable niche. You'd subscribe to their cloud service, download their Spamassassin plugin, and let them deal with all the nuances of spam control that the freebie rules can't keep up with. I suspect they went out of business because: the freebie rules are quite good. Just set up your SA config in the recommended way, with a daily auto update of rules, and you'll be pretty happy with the outcome. (The free ruleset /is/ updated constantly.) For item #4, I don't need anything beyond the front-end service provided by EasyDNS given that I've got a private instance of Spamassassin. But if you're running a small/medium company but want to keep a private email installation, you might want to skip maintaining a local spam filter pay one of those companies for the inbound forwarding service. Tons of such companies can be found, starting with the recommendations on the Apache spamassassin site. The reason Spamassassin hasn't been updated since 3.3.2 is simple: it's a mature plugin-based technology that really doesn't need changes. The whole world settled on it years ago and there's an active ecosystem of providers who rely on the platform to supply the rulesets needed. And, it's hard to compete with free: that's why you don't see a whole lot of upstarts trying to come up with a replacement core platform; it's unsurprising that most of the commercial appliances are based on Spamassassin itself. -rich _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
