MPP and Beyond

We are flooded with requests by people that are tired of SpamAssassin.  Tired of the slow performance, poor accuracy and endless time of administration.  Small sites hate the poor accuracy, large ones hate the performance and admin time.

SA has struggled to keep up with latest image spam and the increase in spam levels.  Recent attempts at OCR plug-ins have only had limited and temporary success, while further reducing performance.  SpamAssassin is probably the most widely deployed antispam filter in the world, yet, spam has only increased, which is testament to it’s failings.  I guess the same could be said of the antispam industry in general, which has grown tremendously over the past 5 years.  Even with the mercurial growth of this sector, only the growth in spam seems to outpace the antispam industry growth curve.  A digression, sorry.

On the topic of performance I always get a chuckle when a customer has to increase our SA timeouts to scan from our default of 6 seconds to about a minute to handle all cases of SA lameness.  Our commercial scanners scan spam in less than a few milliseconds, while SA can choke for a minute at times.   I have worked with customers who have replaced 8 SA servers with one MPP/Cloudmark server with room to spare.  Of course SA can be fine tuned in the local.cf file, but the percentage of SA users that we deal with that understand this file is quite low.

SA is a great tool for geeks and hard core admins with lots of free time, but to the rest of the world I think it is time to admit the failure of SA and look to new solutions.  Even though I will be unliked for this, I don’t think  that open source is the place to look for antispam technology unless you have tons of admin skills, expertise and time.  Other projects like DCC are only more complicated than SA, more limited in implementation models and require much more human interaction to work effectively.  There are open source projects like SPF, Domain Keys, Greylisting and Sender ID that can help, but these are only building blocks of larger architectures.

In my view, the commercial software industry is where spam must be tackled for a few reasons.  First of all, there are great solutions that exist already that are far more effecitve and scalable than SpamAssassin.  My product MPP works with a few commercial content scanners (cloudmark, commtouch, mailshell), and all blow the doors off of SA in all regards except for memory utilization.

I am always amazed when a customer will favor commercial av scanners over spending on commercial spam scanners.  MPP allows admins to use open source or commercial spam and virus scanners, which is a big benefit, however, our experience shows that open source AV scanning is far more effective than open source spam scanning.   For large environments open source av scanning is generally not feasible due to scaling and security issues, but for many small environments it is entirely adequate.

So,,,is it time to retire SA and start looking for better alternatives.  I say unless you have tons of time, great admin skills and a serious interest in constant tinkering, the answer is YES. Retire the old idea and think differently about new solutions.

My .02 cents!

Technorati Tags: spam, antispam, antivirus, email security, email, spamassassin, clamav, cloudmark, commtouch, mailshell, mpp