On Tue, 2006-02-14 at 11:15 -0800, Benjamin Smith wrote:
> On Monday 13 February 2006 16:43, Joe Polk wrote:
> > It sounds like it will do the trick, then. Should we use it and SA or
> > ditch SA? It sounds like some are.
>
> The biggest problem I have with SA is that it gets it wrong often enough to be
> basically worthless. I mean, great - you filter on subject line, looking for
> "{Spam?}", but then you still have to go thru the junk folder in order to
> look for false positives, and then you end up reading through all the "P3n1s
> P|LLS" emails.
>
> Gee, didn't we want to avoid this?
>
The trick with using spamassassin is adjusting the rule sets and getting
bayes trained on your particular type of email. Once trained I have not
had any false positives and only a few spam get through each week. This
is on a system that only uses spamassassin (sadly I don't control the
MTA that this system gets email from so greylisting is not an option).
http://www.rulesemporium.com/ has a number of excellent rules sets that
improve detection rates and reduce or eliminate false positives.
> Greylisting + blacklists equals good performance, no false positives, and
> greatly reduced spam volume, and usually reduced server loads as well. The
> blacklists I use are xbl-sbl.spamhaus.org, and the dialup/dsl list, as well
> as a few worst-offender countries. (EG: China, Korea, and Russia)
That is another very good solution.