[unisog] Barracuda effectiveness (vs Puremessage)

Kim Cary Kim.Cary at pepperdine.edu
Tue Jul 17 15:19:37 GMT 2007

It's interesting that the replies (THANKS much!) on this are so  
diverse. Most of them involve manual operations with blacklist, etc,  
as below. We also find that Intent is too aggressive, but I think, IF  
we went with Barracuda we'd keep it on an let users operate their  
quarantine digests and whitelists rather than letting through the  
significant amount spam that is ONLY caught by intent.

On Jul 16, 2007, at 1:06 PM, unisog-request at lists.dshield.org wrote:
> manually tag enough messages as "spam" and "not spam" to enable their
> bayesian filtering and they get significantly better.

We would HAVE to leave the LDAP checking on. We do it now with  
Puremessage. Our LDAP servers (Active Directory) don't die (or even  
seem to notice the load) and it keeps from trafficking in the glut of  
NDRs that would be generated.

The two real appeals of Barracuda for us are 1) you can buy a  
redundant inbound and a single outbound filter with as, av & policy  
for less than the cost of Puremessage as+policy maintenance and 2)  
there is no server O/S or flakily implemented process management or  
fault intolerant database to maintain (we run Puremessage on 6 Suns:  
3 edge MXers, 2 Milters and a Central Database server).

The two biggest cautions with Barracuda are 1) widespread reports of  
frequent manual tuning required to satisfy users (we do NONE for  
Puremessage) and 2) in our tests a user that would get 10 spam let  
through by Puremessage would get 12 by Barracuda. Most users don't  
get anywhere near 10 with Puremessage, but that illustrates what I  
mean by 20% more spam is not caught.

More information about the unisog mailing list