[Mimedefang] Caching the results of a SpamAssassin scan

David F. Skoll dfs at roaringpenguin.com
Thu Apr 3 08:38:00 EST 2003

On Wed, 2 Apr 2003, Michael Sims wrote:

> Even though these were all separate SMTP sessions, each message has the
> exact same message-ID.  I thought it would be really nice if SpamAssassin
> could cache the results of it's scan for a particular message, and use the
> cached result if the same message-ID came through within a specified
> interval.

This is dangerous, because the message-ID is under the control of the
sender.  I could send one innocuous message with message-ID
<3jb4.foo.2kj3b4j5 at roaringpenguin.com>, wait an hour, and then send a
spam with that same message-ID.

Our CanIt product can optionally cache SpamAssassin scores, but we
declare two messages identical by running a hash over (part of) the
message body, and comparing hashes.  Even doing a SHA1 hash over 16kB
of data is significantly faster than SpamAssassin.


More information about the MIMEDefang mailing list