Ned Slider put forth on 11/3/2010 6:33 PM: > My other thought was to simply comment (or document) ranges known to > contain FPs and then the user can make a judgement call whether they > want to comment out that particular regex based on their circumstances. > Not a very elegant solution.
I'm starting to wonder, considering your thoughts on FPs, if this might be better implemented, for OPs concerned with potential FPs, via a policy daemon, or integrated into SA somehow and used for scoring instead of outright blocking. I don't have the programmatic skill to implement such a thing. > Indeed, lets not detract from the fact that these regexes are very > effective. You implied earlier in your reply that this wasn't a > "sophisticated" solution but I have to admit I'm surprised just how > effective they are and just how *few* FPs there are for something not > sophisticated. As we've all read, the vast majority of spam sent comes from bots. These regexes target mostly bots, at least, transitively. So it shouldn't be terribly surprising that they stop a lot of bot connections, especially if put ahead of most other restrictions. If you stick a big net into a salmon stream during spawn you will catch a ton of salmon. ;) > I'm also mindful that we might be getting off topic for the postfix > users list? A little maybe. We are discussing fighting spam with Postfix smtpd restrictions and PCRE tables. And I think the effectiveness of this table, and our constructive criticism of this type of table, may be beneficial to others, maybe more for those Googling for "Postfix PCRE table" in the future than current subscribers. Who knows, our discussion may be seen by the right eyes and that someone may take off with this and improve many times over, in both catch rate and FP reduction. -- Stan
