Le 18/06/2010 11:28, Mark Goodge a écrit :
On 18/06/2010 10:17, Antoine Nguyen wrote:
Le 18/06/2010 11:15, Michael Weissenbacher a écrit :
Conclusion: the spam is passed! I could stop sending notifications
but I
think my employer would not like it...
Short answer:
You should NEVER notify anyone about detected spam! This will
effectively make yourself a spam source. It's even worse when you
attach
the original message.
hth,
Michael
I agree with that... but what about false positives?
There are three main options:
1. Just discard spam.
2. Quarantine spam, and allow the user to check their quarantine
folder and release it if necessary.
3. Don't intercept spam, just tag it and leave the actual filtering to
the recipient's own system.
I'm not a great fan of quarantining, although it works fairly well for
webmail systems where the quarantine can be accessed through the same
interface as the inbox (eg, Gmail and Hotmail). It's less helpful
where mail is delivered to a POP3 or IMAP box as users have to go to a
separate interface to check the quarantine.
Personally, I prefer to have an approach that's split between
discarding and tagging - discard anything that's a definite spam, and
tag the rest. That way, you minimise the worst effects of spam while
not blocking anything that might generate a false positive.
Mark
.
That's a good approach. I'm already discarding true spams and tagging
the rest (amavisd-new tag2 and kill levels). I think I'm going to
deactivate notifications and wait for eventual complaints from my users
about emails not arriving :-)
Many thanks for those quick answers.
Antoine.