Henrik Krohns wrote:
On Fri, Mar 02, 2007 at 09:28:13PM -0800, MrC wrote:
An upcoming amavisd-new release provides the ability to consider Phishing
scams, etc. as spam rather than viruses.
And it works great! Now the statistics look silly, so little real viruses
coming in..
Don't forget we're all throwing out a much larger net, now, thanks to
the ClamAV team. We may have caught these same messages with other means
before ClamAV had these capabilities, but clearly Clam is vastly more
effective at catching *undesirable* mail than ever before. Our friend
Steve has provided a huge service that builds on these new capabilities,
and let me complement the MSRBL lists, too, and of course the excellent
updates from the ClamAV team. Everyone's a hero in my book.
A little story. About two weeks ago when I got in to work I had an email
there from a manager wanting to know why some of our users get so much
spam. I started cranking out a report for a typical 7-day period. Rough
numbers, here, but accurate. 1 million connections, 850,000 rejections,
650,000 of which were rejected because of ClamAV or J-Chkmail
(content/behavior/SURLBL milter), and the rest scattered amongst various
DNSBL lists.
Then I broke out the specifics and included false positives (based on
user-generated tickets < 10/month). The report demonstrated our
effectivity is quite good. We also learned that users who use their
corporate email address to register for products/blogs/mail lists are
most likely to be hit with spam. This is probably not news to most of us.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
