On 11/23/2011 7:01 PM, Christian Grunfeld wrote:
Define "bypass first level"? Are you suggesting that for every 1 ham you
deliver, you deliver 10 spams into user's mailboxes? Or do you do further
filtering?
I defined it in the part you did not quote!
First level, MTA level: check helo, sender domain, IP<-> name maps
and also greylists !
It wasn't clear if that's what you're referring to as "first level",
personally I'd throw DNSBLs and just about anything else that happens
pre-DATA into "first level"
I run various content scanning (including SpamAssasssin) at the MTA
level myself.
These reduce 30000 incomings to 3000. Then these 3000 goes trough
other filters: SA, antivirus, etc. 300 of these 3000 are really ham,
the other 2700 are spam. I did not say that SA efectively selects the
300 and the 2700 ! if that was true we are not discussing in this list
!
So you're suggesting that users review 2700-3000 spam messages
messages/day (depending on how many were already whitelisted) to look
for some of those 300?
--
Dave Warren, CEO
Hire A Hit Consulting Services
http://ca.linkedin.com/in/davejwarren
