Chris L. Franklin wrote:
Why bother running SA in the first place? Run gray listing with all of your *normal* methods and remove SA all together? You will save Tons of cpu (no need to run a rule based system.) Since you don't bother to run any of the ham scoring rules, why bother running SA at all?Andy Smith wrote:Thanks but we do run my servers as I posted above (minus the Non DNS compliant part).On Sat, Oct 22, 2005 at 11:05:07AM -0400, Chris L. Franklin wrote:For starters AWL, white lists and black lists in my option ar ethe worst things ever. I disable them from the start. If your going to whitelist some one, why would you want them to even go though SA. (I don't)Because a source that regularly sends you legit email, e.g. a mailing list, might send email that is borderline spammy and the only thing that tips it back into legitimate territory is the autowhitelist and bayes based on what YOUR users consider ham.if there blaklisted I don't want them even want the server accepting a email for me / the user if they are black listed.There are lots of blacklists and DNSBLs that work best as contributors, not as absolute yes/no arbiters of what should be accepted.And again negative-scoring is useless if u need to write a negative score you problitly should rethink your positive scoring rules.I don't understand why you are using SpamAssassin if you really believe the above.All this taking into a account Removing AWL, and negative-scoring. There are no real problems.And as a side note about net rules, if your really into using these then you'll probabliy just want to tune the server not to accept email from non-RDNS or invaild dns lookups.Masses of legitimate email comes from hosts with no reverse DNS, incorrect HELO and other borderline or actual RFC violations. I don't think you have thought this through and I believe that you would do well to accept some of the wisdom of those that have. If not, well, try it, and report back as to how well that works out for you, so that everyone else can see how wrong they are.Blacked listed user and Domains my server to not accept messages from. Whitelisted users and domain DO NOT get passed though SA WE DO NOT use negitive scoring. We Stop 99.2% of all spam and get less the %0.82 miss marked emails.We Subject mark at 5 points, and We report a "550" error" on all emails with a score of 8 or more during the smtp transaction. (Yes we Do SA scanning during the smtp transaction. Aka we stop spam at the door.)
I see you are trying to implement something that on the surface seems good.. However, gray listing may get just what you want. And you could even do challenge response...
SA's strong points are not only identifying ham, but also spam. I wounder how you white list? Do you do it by server? then you open yourself up to mountains of spam from the 'freebie's' (hotmail, yahoo, et al.)
I am also curious about you claim that you only get .82% false positive, do you keep spams? You'd be out of a job pretty quickly if nearly 1% of your customer's mail was 550'd in the field I work in.
SA does a good job for what it was designed for, not only a Spam classifier, but a Ham classifier. We also do spam check at the SMTP level along with RBL and SPF checks. We get nearly .0001% false positive error rate, along with 6 9's capture rate of spam. I set SA up properly, and tune it as new threats arise (bayes is one area where this is good.) Where I work, our mail all sounds the same, so bayes also helps in the regard, that if some RBL's hit, there are enough neg. scoring rules to get that mail through, on time, where it needs to be (we are talking $1K/hr here if that mail is NOT delivered because our spam filter decided a good mail was bad because of a miss-configured remote server....)
-- Thanks, JamesDR
smime.p7s
Description: S/MIME Cryptographic Signature
