-------- Original-Nachricht -------- > Datum: Fri, 16 Jul 2010 11:03:27 +0200 > Von: Robert Schetterer <rob...@schetterer.org> > An: postfix-users@postfix.org > Betreff: Re: Better spam filter for postfix
> Am 16.07.2010 10:15, schrieb lst_ho...@kwsoft.de: > > Zitat von Robert Schetterer <rob...@schetterer.org>: > > > >> Am 16.07.2010 09:27, schrieb lst_ho...@kwsoft.de: > >>> Zitat von Henrik K <h...@hege.li>: > >>> > >>>> On Thu, Jul 15, 2010 at 11:06:44PM -0500, Stan Hoeppner wrote: > >>>>> > >>>>> I will say generically that for an OP who has the time, avoiding > >>>>> content > >>>>> filters and using SMTP time blocking methods is probably more > >>>>> effective in the > >>>>> long run and makes more efficient use of network and server > resources. > >>>> > >>>> You always have time to advertise content filters being "bad", so I > >>>> just > >>>> have to make a pointless rebuttal.. > >>>> > >>>> Can you tell me any big public service (not a one man server) that > >>>> doesn't > >>>> use content filtering at all? By public I don't mean a site that has > >>>> the > >>>> ability to block freemailers, universities, etc hacked accounts.. > >>> > >>> In Germany many companies have given up on content filtering because > it > >>> is not allowed to drop mail after accepting, if there is a chance that > >>> private mail *could* be involved. So with content filter your only > >>> choice would be to tag spam and let the user sort out, which lead to > no > >>> advantage for using content filter at all. > >>> So content filter are mostly a selling point and not a favorable > >>> "solution". > >>> > >>> Regards > >>> > >>> Andreas > >>> > >>> > >> why not use spamass-milter drops spam during smtp income stage > >> this is allowed anyway, also clamav-milter with sanesecurity works nice > >> this way, bouncing mail after recieve by whatever reason may produce > >> backscatter, so it isnt a good idea in every case or country, > >> normally you only flag spam and pass it and/or hold it ( for human > >> postmaster inspection ) i. if use amavis with after queue filter , mail > >> always needs daily support, and companies who stopped filtering in > >> germany ( i dont know one ) have mostly a problem with helpless admins > >> ignorant managers/users etc, not with law or existing antispam > solutions > >> so its mostly a human problem > > > > The point is > > > > - Before-Queue content filter is expansive and must be combined with > > "cheap" reject techologies anyway > > sorry explain "cheap" > Content filtering where you process the WHOLE message is considered as expensive. Just processing a bunch of headers or checking the client against DNSBL/RHWL/DNSWL/etc or checking the client IP reputation or checking things like proper HELO/EHLO or or or is considered as cheep. > if you have non negliable load > > - Tagging spam is nearly useless because no user like to poke through > > the dustbin to search for potential lost mail > > i dont understand, as you always need support mail, > its no problem to solve user questions, only the rate of questions > should be handable by the corosponding number of postmaster and/or > supporters > > > - Spam-Bouncing is no option at all > > why ?, a bounce is no thing of evil, there will be bounces by several > reasons ever > > > - In general the false positive rate is a higher and more difficult to > > find out with content filter compared to a sane set of reputation based > > filters > > i have false postive under 0,1 promille > no problem here > > > > > So the most reasonable approch is to ditch content filter at all and use > > a sane set of reputation based decisions and maybe greylisting to reject > > spam at earliest possible stage. > > you should always use all usefull antispam technics which make sense > anyway ( specially that ones that are native in postfix ) > greylisting is one of them , > Greylisting is NOT native to Postfix! > but in a few cases on my site > simply does not work anymore defending bots > so antispam is always a filter chain, the real antispam filter such as > spamassassin should always be one of the last > > > > I don't speak about or even recommend to not use spam filtering, but > > content filter is sometimes the bigger problem compared to some slipping > > through spams. > > maybe, thats individual, like spam always is, > competent postmaster should choose the right way in the right case > > > > > Regards > > > > Andreas > > no need to flame, i have no problem with supporting ca 10 mailservers > with antispam enabled up to 10000 mail addresses > some spam always slipping trough,always some false positives , thats the > nature of the beast, the goal is keeping that rate low > in my case spam filtering is no such problem , as mailservers that have > buggy dns setups are in rbls etc, > after all, one of the biggest problems are false tagging to antispam > filters in mail clients i.e outlook > which produces more questions then server side filters, as most users > dont understand their mail client settings > > -- > Best Regards > > MfG Robert Schetterer > > Germany/Munich/Bavaria -- GMX DSL: Internet-, Telefon- und Handy-Flat ab 19,99 EUR/mtl. Bis zu 150 EUR Startguthaben inklusive! http://portal.gmx.net/de/go/dsl
