On Tue, 2006-02-14 at 11:15 -0800, Benjamin Smith wrote:
> On Monday 13 February 2006 16:43, Joe Polk wrote:
> > It sounds like it will do the trick, then. Should we use it and SA or
> > ditch SA? It sounds like some are.
>
> The biggest problem I have with SA is that it gets it wrong often enough to be
> basically worthless. I mean, great - you filter on subject line, looking for
> "{Spam?}", but then you still have to go thru the junk folder in order to
> look for false positives, and then you end up reading through all the "P3n1s
> P|LLS" emails.
>
> Gee, didn't we want to avoid this?
That isn't true ... I don't mark the SPAM, i send it to a separate
folder that the users never see. I delete files older than 2 weeks from
the folder. If someone complains that an e-mail didn't get to them
(happens maybe once in a 3 month period) and it's less than 2 weeks old,
I find it and give it to them.
>
> Greylisting + blacklists equals good performance, no false positives, and
> greatly reduced spam volume, and usually reduced server loads as well. The
> blacklists I use are xbl-sbl.spamhaus.org, and the dialup/dsl list, as well
> as a few worst-offender countries. (EG: China, Korea, and Russia)
There are certainly false positives with greylisting and blacklisting.
People with legitimate e-mail servers get hacked all the time and send
SPAM ... those get through the lists. I use the same xbl-sbl spamhaus
list, and spamassassin on top of that. I block an extra 1500 e-mails
per day with SA that would otherwise get through.
That is not to say that both SA and grey/blacklisting aren't both good
methods ... they are. They are both effective, do different things, and
are not mutually exclusive.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20060214/08b7593b/attachment-0005.sig>