Steve a écrit : > -------- Original-Nachricht -------- >> Datum: Sun, 03 Jan 2010 23:37:18 +0100 >> Von: mouss <mo...@ml.netoyen.net> >> An: postfix users list <postfix-users@postfix.org> >> Betreff: Re: anti spam measures > >> Roman Gelfand a écrit : >>> I am running postfix with anti spam filter (policyd-weight, sqlgrey, >>> grossd, dkim, senderid-milter, dspam) . With this configuration, I am >>> down to under 10 spams a day. Looking at my backend server which is >>> exchange 2007, I find that all of the remaining spam messages have >>> spam confidence level of 7 or greater, which implies this is blatant >>> spam. Is there spam filter software software that works with postfix >>> that can perform checks similar to that of exchange 2007 spam >>> confidence level? >>> >> we can't really tell since we didn't see the messages that made it >> through postfix+friends. >> >> if the messages contained a URI listed at uribl or surbl, then you could >> try using uribl/surbl via milter-link or via spamassassin (via >> amavisd-new). >> >> anyway, You can add spamassassin (via amavisd-new) to your chain and see >> if it improves your filtering. >> > I am for sure one of the people that should keep his mouth shut since I have > a to strong bias but SpamAssassin? Why? He is using DSPAM and if I would > purpose him another free solution then only something like CMR114 or OSBF-Lua. >
because I don't believe he will improve his filtering by adding more statistical filters (I think: if this was true, he can improve by better training/tuning of dspam). In contrsat, adding a finely tuned heuristic filter will certainly improve his results. one example: Justin Mason anti-fraud rules (JM_SOUGHT*) will block fraud mail that you can't block statistically (because you don't get enough of it to train a statistical filter). unless if you are a large ISP/MSP with users who report fraud mail quickly and you train your filter with these reports quickly. other examples include: URIBL rules (granted, you can use milter-link), DNSxL rules applied to Received headers (mail that is "touched" by a host in Spamhaus SBL is unwanted!)... Once again, I said "add spamassassin" not replace dspam. This is because OP wanted to block "more". but adding SA in a way that improves his results is not effort free. which is why I said: > >> at one time, the question becomes: is the additional effort worth the >> pain? >> > Good question. I personally am from the school of access control before content filtering. so I don't feel comfortable arguing for SA vs dspam vs foofilter.