From: "Bret Miller" <[EMAIL PROTECTED]>
We're in the need of checking parts of our outgoing email for
spam (read:
we've got unknown webmail users.. hugs lots of them,
actually.. and some of
them have this annoying habit of sending nigeria spam)
My question is how to get SpamAssassin to identify the spam,
as the network
tests will be quite useless (all the email will be originating in a
standard format, from our own servers). Bayes will probably be quite
efficient, and so will various other local checks - but I
have this nagging
feeling that the standard weighting of the rules will be too
lax in this
use-case (due to nothing but content-checks triggering).
How do we re-weight the rules, and does anyone have any good
suggestions on
which checks to use? Also, checking for certain blacklisted
URLs in the
messages will probably help (Someone recommended SURBL for
this) .. but I
think a re-weighting will still be in order.
Suggestions?
I'd be inclined to try the SARE fraud rules (see www.rulesemporium.com)
in addition to the SA internal and bayes tests. If you find that doesn't
give you a high enough score, pushing the BAYES_99 score a little higher
might be in order.
Bret
+++++++++
Another good technique is to count the number of addresses for message
receipt or the number of messages the user has sent and throttle based
on "too many". For "Way Too Many" throttle back to one message every
five minutes.
{^_^}
