Re: (postfix) SPAM filter?

Sun, 16 Dec 2007 11:45:36 -0800

--On December 16, 2007 8:13:34 PM +0100 "Heiko Wundram (Beenic)" <[EMAIL PROTECTED]> wrote: 

Neither of the two packages I recommended are anything close to bayesian
filtering, as they don't actually take measure on the content of the
mail  (which isn't available anyway when the corresponding rules are
effective in  the Postfix restriction mechanism), but rather on the
conditions the mail is  received under. This is what makes them (much
more) lightweight (than for  example a full statistical or bayesian
filter) in the first place.

I've not had a single false positive which wasn't explained with
incorrect or  plain invalid mailserver configuration on the sender side
so far with these  two packages, and the possibility of a false negative
in our current  environment is something close to 1%, at least according
to my mailbox (which  gets publicized enough by posting to @freebsd.org
addresses).
I've been using policyd-weight for more than a year now, and I've had exactly one problem with it. It rejected legitimate mail because that particular ISP didn't have a clue about DNS. I tweaked the rules very slightly to cause a score for legitimate mail to fail just below the threshold for rejection, and I've not had a single false positive since.
Policyd-weight rejects between 50% and 80% of the incoming mail (it varies by the day) before the mail server ever even processes it. I also use spamassassin, and I have set it up so that borderline mail that's rejected gets copied to a folder (/var/spool/spam) so I can review it. Occasionally I have to recover an email from that folder because it was "falsely" labeled as spam. Usually it's someone using incredimail or a similar service that loads up an email with all sorts of extra junk.
Policyd-weight is the perfect complement to a tool like spamassassin. It gets rid of all the "obvious" spam (fake MXes, dailup "mail servers", servers listed in multiple RBLs, etc.) before spamassassin has to make a decision about it. 

Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to