Background- From time to time I lurk at the forums @ webhostingtalk dot com. Recently a WHT user posted a thread bemoaning the fact that his host {NOT AOH, by the way} was kicking him out because his domain was drawing too much spam. The fellow reported that he has his catchall set to *blackhole* but his host still isn't satisfied.

Legend For my question, let...
Backbone = internet backbone
POP3 = AOH's POP3 server that services my domains
Files = My domain's files at AOH
Email = My home computer's email program
Assassin = Spam Assassin, as made available by AOH to its clients

Question #1

Which of the following {A or B} is the more accurate representation of where Spam Assassin sits relative to other stuff???

#A...
Backbone --> Assassin --> POP3 --> Files --> Email

#B...
Backbone --> POP3 ---> Assassin --> Files --> Email

Question #2 Is #A accurate {I HOPE}?

Question #3 If answer to #2 is "Yes" then am I correct in assuming that setting Assassin to blackhole the catchall stuff should significantly reduce the impact of spam on AOH's POP3 server?

Question #4 If #A is NOT the way it is, then why not? I mean, if the Assassin doesn't operate *upstream* of AOH's POP3 server, then what good is the Assassin?

grace & peace unto all........bellgamin

Its more like the following:

Backbone -> SMTP Server -> Mail Filters -> Spam Assassin -> Files -> POP3 -> Your Client

Spam Assassin can't be ahead of the SMTP server, because that is the process that receives messages from the outside world. The messages have to be received first before they can be filtered.

I read the thread on WHT that you are referencing also. While I can't say that it would be impossible to send enough email that we would notice, I would imagine that it would take a LOT of messages to get us to notice that they were being blackholed.

Its more like the following:

Backbone -> SMTP Server -> Mail Filters -> Spam Assassin -> Files -> POP3 -> Your Client

Spam Assassin can't be ahead of the SMTP server, because that is the process that receives messages from the outside world. The messages have to be received first before they can be filtered.

In which case, for a domain inflicted with lots of spam, it seems to me that Assassin isn't much help at all. Correct?

Probably a dumb question but here goes...
Why can't Assassin function as a proxy SMTP server, BEFORE mail reaches the real SMTP server?

While I agree that might be an excellent answer to the problem....then you would just transfer the issue to SA being the thing that was overloading the server.

While I agree that might be an excellent answer to the problem....then you would just transfer the issue to SA being the thing that was overloading the server.

Concerning SpamAssassin, the *Nuclear Elephant* sez...
If you're being mailbombed then SpamAssassin is the last thing you want running on your servers - I've seen it take up 99.9% CPU on some systems during a mailbomb. This is primarily due to the fact that SpamAssassin is written in PERL, an interpreted language with high overhead.

May I request you to read the FAQ {concerning DSPAM, a free anti-spam program for servers} at the *Nuclear Elephant* {you gotta love that name!} at...
http://www.nuclearelephant.com/projects/dspam/faq.html

I would be very interested to hear your comments.

grace & peace to all.......bellgamin

Its more like the following:

Backbone -> SMTP Server -> Mail Filters -> Spam Assassin -> Files -> POP3 -> Your Client

Is Mail Filters the webmail?

I believe "mail filters" is where it rejects mail with .eml and other virus-laden attachments.