Will Yardley wrote: > the fact of the matter is that spamassassin works. i personally > wouldn't use it to bounce messages, although if the score is high > enough, i'd probably feel safe doing that too. i wouldn't use it in a > general purpose ISP situation like the one he describes unless i was > just tagging mail and letting people make their own decisions.
That's pretty much what yahoo and hotmail do. They will place spam messages in a separate Spam folder so that the user can peruse through it in case something was blocked by accident. > the actual scores are (from what i understand) taken from a script which > looks through peoples spam folders (as mbox files) and determines what > score something should get. I was curious about this after I first installed SpamAssassin, and it's pretty slick. Distributed with the package is a script will basically greps for the X-Spam-Status field in the mbox files and produces a histogram of how often each test appears in a piece of spam or non-spam. You run this for your spam folder, and for each of your legitimate mail folders and send the results (which don't contain any private info other than how much spam you receive :). The scores for each test are then calculated by running a genetic algorithm that is attempting to minimize false-positives. > thus, there are some things that you'd intuitively think should be > scored a lot that are actually a negative score, while other things are > scored higher than you'd think. Yes, one of the surprising things I noticed was that the string $$$ actually makes SpamAssassin consider the email LESS likely to be spam. (I found it amusing that the author of that talkbiz piece failed to recognize this fact even though he ranted about it). > it generally takes several tests to get a message blocked. in any event, > sorry to continue this OT discussion. if you haven't already, > definitely check out spamassassin. i was a long time spambouncer user, > but i have to say i've been converted. Same here. I get a ton of spam at my work address (30-40 messages/day) and so far I've got no false-positives and only a few false negatives (maybe 2 per day). I'm even planning on giving a talk on SpamAssassin at a local LUG meeting next month.
