I just checked the reverse DNS entries of about 10,000 legitimate E-mails we have here. Of them, 2.5% meet your regexp expression that you posted earlier.
You mean you checked the PTR hostnames of MTAs that sent you 10K legitimate emails?
So, you selected legit mail and said 2.5% would be blocked by my regex. You are selecting the data to fit your position.
I took the last 10,000 non-mailing-list E-mails sent to us, and 2.5% would be blocked by your regex. That's selecting *our* data, not selecting data to fit my position. If you have better data, please share it.
I consider false positives to be percentage of total rejects, not a % of total legit. I don't care about legit mail. It's not the problem.
That's not how anti-spam companies calculate FPs. If you have 9,990 spams and 10 legitimate E-mails, and you block all 10,000 E-mails, you don't have a .1% FP ratio. You have a 100% FP ratio.
The "percentage-of-legitimate-mail-caught-to-the-total-amount-of-mail-including-spam" ratio can be useful, but it isn't the FP ratio.
I'm not saying that using the reverse DNS entry filtering in spam control is wrong (actually, it's great). I'm saying that [1] People should only *block* E-mail based on that *if* they are willing to accept a lot of false positives, and [2] Everyone else should *only* use the reverse DNS entry filtering *if* it is used as part of an overall spam system (IE only blocking E-mail as a result of that *and* other failures).
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you have been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
