> I'd like something quasi-official if possible, so I can tell my > bosses: according to this report, even with diligent spam filtering, > xx% of the email people receive is still spam. If fewer than xx% of > your email is spam, we're ahead of the curve.
I really don't have anything that measures the percentage of spam received after filtering. The main reason for this is that it depends on users to report it, and ours are notoriously unreliable in that regard. Personally, I received 5 to 10 spam per week in my inboxes after filtering. Generally the ones I receive are new forms of spam that SA rules and DNSBLs haven't picked up on yet. Other that that, I can share the overall daily stats I get. Sorry for the HTML posting, but the stats come in a nice HTML table which just isn't so readable in text-only mode. Note that the term "messages" is applied more generally here to include both messages and connections that didn't result in messages (blacklisting and greylisting). E-mail SPAM Stats for 11/26/2006 Total messages attempted 23302 100% E-mail accepted and delivered 1220 5.2% SPAM, blocked or dropped 22082 94.8% DNS Blacklists (zen.spamhaus.org & list.dsbl.org) and greylisting Blocked by RBL 13692 58.8% Blocked by greylisting 855 3.7% Messages accepted (not blocked) 8755 37.6% SpamAssassin Content Filter Internal E-mail (not filtered) 395 4.5% Classified as Real e-mail 825 9.4% Classified as SPAM 7535 86.1% Explanation: Messages arrive on our server from a variety of sources. First a block list is applied to connections. This is done before the e-mail is received reducing the time it takes to process messages that are almost certainly spam. For the messages that are accepted, messages that are from our internal network, or sent by users that first authenticate to an account on our server, no further filtering is applied. Other e-mail is sent to SpamAssassin to determine whether or not it thinks the message is spam. The stats above reflect the process by which e-mail is either rejected or accepted with totals at the top. Greylisting is a new theory in spam reduction. Essentially, a connection is rejected with a temporary rejection code which allows servers that follow standards to try again later, while many spam sources do not bother to try again. We recently implemented a form of greylisting where when we receive a message the SpamAssassin scores over a limit, we block further contact with that source for a short time. The theory is that it should reduce the total attempted spam e-mail connections thus reducing load on the server. Time will tell.
