Dominic Cleal's Blog

Been a while since I posted. Was intending for this to be for tech related info, but I just haven't been doing a whole lot recently I guess.

I've been trialling DSPAM for the past week or so on my personal domain with considerable success. It's pretty well trained after only a week, though I do wonder how it'll hold up in the long term with some of the Bayesian-poisoning tricks that spammers tend to use.

In that time, I've had four or five false positives, the latest being just this morning. All except the latest were what I'd consider to be fringe cases - newsletters from various companies and places that could equally be spam, except that I'd opted into them. The latest was a plain text e-mail, which I'm a little concerned about, but it seemed to have learnt by the time I received a reply.

The web interface is clear and easy to use, with some pretty pictures for statistics. My only concern is that in the long-term, I'm going to get out of the habit of checking the web interface and the quarantine page, so I think I'm going to have to change that mechanism. I'll most probably replace it with a "junk" folder that I can pick up and sort through over IMAP. This will then allow me to mark messages that DSPAM has missed by dropping them into that folder.

For false positives, I would either need to keep the web interface or enable the addition of DSPAM tags into the e-mail (which are appended, something like !DSPAM:45c84557195661648121434!) and then forward the messages. Keeping the web interface is my preferred solution I think, as it should be rare that a false positive occurs and I can load it up in that case. Otherwise, perhaps I can write a script to spot e-mails that have been moved out of the junk folder, but I'll have to see about that.

As for resource usage, it's extremely light. Memory footprint if you're using the daemon is almost non-existent compared to the large amount for SpamAssassin's daemon. I haven't been running with the daemon for the most part due to the relatively low volume of mail I get. The CPU usage is almost unnoticeable - perhaps this will increase as the signature database size increases, but I haven't been using it long enough to tell.

Overall, I'm very happy with it. Long-term remains to be seen, but I think I'll be switching to it from now on.