On Thu, 18 Sep 2008, Jules Yasuna wrote: [snip..] > SA has been working great! Very few spam messages get through. Then, we > made ONE change > to the machine. We turned off BIND, and just resolve to the ISP name > servers. After that, lots > and lots of spam gets through ? Not everything, just a lot more than > when BIND was running locally > [snip..] > So, really that is all we did. After that, lot's of spam gets through. > > Just to check, we turned our nameserver back on (and adjusted > /etc/resolv.conf accordingly), and once > again SAworks great ! > > So, please tell me what I am doing wrong here > > Thanks in advance ... jules
To paraphrase an old joke: Patient: "Doctor Doctor, it hurts when I poke a stick into my eye. What should I do to stop the pain?" Doctor: "Don't poke a stick into your eye". It's considered generally good advice for spamassassin sites to run a local DNS server to reduce network traffic and timeouts. Is there a compelling reason not to follow this advice? Probably your ISP's DNS servers are busy and prone to delays, causing timeouts and loss of DNS based rules (RBLS, etc). Either run a local DNS server, find a better off-site server that doesn't suffer from delays (ask for permission to use them tho), or increase your network test timeout settings and expect delays in processing mail. -- Dave Funk University of Iowa <dbfunk (at) engineering.uiowa.edu> College of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527 #include <std_disclaimer.h> Better is not better, 'standard' is better. B{