[CentOS] Milter-Greylist

Tue Feb 14 19:34:20 UTC 2006
Scot L. Harris <webid at cfl.rr.com>

On Tue, 2006-02-14 at 11:15 -0800, Benjamin Smith wrote:
> On Monday 13 February 2006 16:43, Joe Polk wrote:
> > It sounds like it will do the trick, then. Should we use it and SA or 
> > ditch SA? It sounds like some are.
> The biggest problem I have with SA is that it gets it wrong often enough to be 
> basically worthless. I mean, great - you filter on subject line, looking for 
> "{Spam?}", but then you still have to go thru the junk folder in order to 
> look for false positives, and then you end up reading through all the "P3n1s 
> P|LLS" emails. 
> Gee, didn't we want to avoid this?

The trick with using spamassassin is adjusting the rule sets and getting
bayes trained on your particular type of email.  Once trained I have not
had any false positives and only a few spam get through each week.  This
is on a system that only uses spamassassin (sadly I don't control the
MTA that this system gets email from so greylisting is not an option).

http://www.rulesemporium.com/ has a number of excellent rules sets that
improve detection rates and reduce or eliminate false positives.  

> Greylisting + blacklists equals good performance, no false positives, and 
> greatly reduced spam volume, and usually reduced server loads as well. The 
> blacklists I use are xbl-sbl.spamhaus.org, and the dialup/dsl list, as well 
> as a few worst-offender countries. (EG: China, Korea, and Russia) 

That is another very good solution.