On Tue, 2006-02-14 at 11:15 -0800, Benjamin Smith wrote:
On Monday 13 February 2006 16:43, Joe Polk wrote:
It sounds like it will do the trick, then. Should we use it and SA or ditch SA? It sounds like some are.
The biggest problem I have with SA is that it gets it wrong often enough to be basically worthless. I mean, great - you filter on subject line, looking for "{Spam?}", but then you still have to go thru the junk folder in order to look for false positives, and then you end up reading through all the "P3n1s P|LLS" emails.
Gee, didn't we want to avoid this?
The trick with using spamassassin is adjusting the rule sets and getting bayes trained on your particular type of email. Once trained I have not had any false positives and only a few spam get through each week. This is on a system that only uses spamassassin (sadly I don't control the MTA that this system gets email from so greylisting is not an option).
http://www.rulesemporium.com/ has a number of excellent rules sets that improve detection rates and reduce or eliminate false positives.
Greylisting + blacklists equals good performance, no false positives, and greatly reduced spam volume, and usually reduced server loads as well. The blacklists I use are xbl-sbl.spamhaus.org, and the dialup/dsl list, as well as a few worst-offender countries. (EG: China, Korea, and Russia)
That is another very good solution.