Re: Does anyone known the braindead anti-spam software "MagicSpam" ?
Per Jessen wrote: > I got the following reject this morning: > > : host mail.example.com[1.2.3.4] said: 550 > Dynamic > Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam > 1.0.4-9.1 (http://www.magicspam.com/). > > > Do a reverse look up of 212.25.14.40, and you'll see that it's > perfectly alright. FYI, I have just now reported this issue to magicspam.com, who within an hour confirmed they had already started investigating the problem. /Per Jessen, Zürich
Re: Does anyone known the braindead anti-spam software "MagicSpam" ?
On 11/10/10 2:45 AM, Matus UHLAR - fantomas wrote: On 10.11.10 08:23, Per Jessen wrote: I got the following reject this morning: : host mail.example.com[1.2.3.4] said: 550 Dynamic Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam 1.0.4-9.1 (http://www.magicspam.com/). 40.14.25.212.in-addr.arpa. 3600 IN CNAME 40.32-63.14.25.212.in-addr.arpa. well, the 40.32-63.14.25.212.in-addr.arpa is surely dynamic-looking ;-) as expected for classless DNS CIDR subdelegation, and valid according to rfrc's. magicspam didn't resolve the cname (either of them I suspect). not sure if I would use a cnam for quarantine.spamcheck.net. .. just put a second record in the zone file. host -t ptr 212.25.14.40 40.14.25.212.in-addr.arpa is an alias for 40.32-63.14.25.212.in-addr.arpa. 40.32-63.14.25.212.in-addr.arpa domain name pointer quarantine.spamchek.net. # host -t a quarantine.spamchek.net quarantine.spamchek.net is an alias for thorium.enidan.ch. thorium.enidan.ch has address 212.25.14.40 # host -t a thorium.enidan.ch thorium.enidan.ch has address 212.25.14.40 -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300 >*| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best in Email Security,2010: Network Products Guide * King of Spam Filters, SC Magazine 2008 __ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ __
Re: Does anyone known the braindead anti-spam software "MagicSpam" ?
Lee Dilkie wrote: > > On 11/10/2010 6:32 AM, Michael Scheidell wrote: >> On 11/10/10 2:45 AM, Matus UHLAR - fantomas wrote: >>> On 10.11.10 08:23, Per Jessen wrote: >>>> I got the following reject this morning: >>>> >>>> : host mail.example.com[1.2.3.4] said: 550 >>>> Dynamic >>>> Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam >>>> 1.0.4-9.1 >>>> (http://www.magicspam.com/). >>> 40.14.25.212.in-addr.arpa. 3600 IN CNAME >>> 40.32-63.14.25.212.in-addr.arpa. >>> >>> well, the 40.32-63.14.25.212.in-addr.arpa is surely dynamic-looking >>> ;-) >>> >> as expected for classless DNS CIDR subdelegation, and valid according >> to rfrc's. magicspam didn't resolve the cname (either of them I >> suspect). >> not sure if I would use a cnam for quarantine.spamcheck.net. .. just >> put a second record in the zone file. > > This looks like RDNS delegation to me, allowing a statically assigned > block of addresses from an ISP to control their own RDNS lookups. Yep, that is precisely what it is. /Per Jessen, Zürich
Re: Does anyone known the braindead anti-spam software "MagicSpam" ?
On 11/10/2010 6:32 AM, Michael Scheidell wrote: > On 11/10/10 2:45 AM, Matus UHLAR - fantomas wrote: >> On 10.11.10 08:23, Per Jessen wrote: >>> I got the following reject this morning: >>> >>> : host mail.example.com[1.2.3.4] said: 550 Dynamic >>> Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam >>> 1.0.4-9.1 >>> (http://www.magicspam.com/). >> 40.14.25.212.in-addr.arpa. 3600 IN CNAME >> 40.32-63.14.25.212.in-addr.arpa. >> >> well, the 40.32-63.14.25.212.in-addr.arpa is surely dynamic-looking ;-) >> > as expected for classless DNS CIDR subdelegation, and valid according > to rfrc's. magicspam didn't resolve the cname (either of them I > suspect). > not sure if I would use a cnam for quarantine.spamcheck.net. .. just > put a second record in the zone file. This looks like RDNS delegation to me, allowing a statically assigned block of addresses from an ISP to control their own RDNS lookups.The owner of the address block wouldn't be able to modify the upstream's RDNS zone files so that's why the upstream has put in CNAME records, to force the resolver to the owners zone file. and if it is... most certainly not a dynamic ip. -lee > > host -t ptr 212.25.14.40 > 40.14.25.212.in-addr.arpa is an alias for > 40.32-63.14.25.212.in-addr.arpa. > 40.32-63.14.25.212.in-addr.arpa domain name pointer > quarantine.spamchek.net. > # host -t a quarantine.spamchek.net > quarantine.spamchek.net is an alias for thorium.enidan.ch. > thorium.enidan.ch has address 212.25.14.40 > # host -t a thorium.enidan.ch > thorium.enidan.ch has address 212.25.14.40 > > >
Re: Does anyone known the braindead anti-spam software "MagicSpam" ?
Matus UHLAR - fantomas wrote: > On 10.11.10 08:23, Per Jessen wrote: >> I got the following reject this morning: >> >> : host mail.example.com[1.2.3.4] said: 550 >> Dynamic >> Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam >> 1.0.4-9.1 (http://www.magicspam.com/). > > 40.14.25.212.in-addr.arpa. 3600 IN CNAME > 40.32-63.14.25.212.in-addr.arpa. > > well, the 40.32-63.14.25.212.in-addr.arpa is surely dynamic-looking > ;-) > I know :-) /Per Jessen, Zürich
Re: Does anyone known the braindead anti-spam software "MagicSpam" ?
On 10.11.10 08:23, Per Jessen wrote: > I got the following reject this morning: > > : host mail.example.com[1.2.3.4] said: 550 Dynamic > Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam 1.0.4-9.1 > (http://www.magicspam.com/). 40.14.25.212.in-addr.arpa. 3600 IN CNAME 40.32-63.14.25.212.in-addr.arpa. well, the 40.32-63.14.25.212.in-addr.arpa is surely dynamic-looking ;-) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 42.7 percent of all statistics are made up on the spot.
Does anyone known the braindead anti-spam software "MagicSpam" ?
I got the following reject this morning: : host mail.example.com[1.2.3.4] said: 550 Dynamic Style reverse DNS IP=[212.25.14.40].Rejected by MagicSpam 1.0.4-9.1 (http://www.magicspam.com/). Do a reverse look up of 212.25.14.40, and you'll see that it's perfectly alright. /Per Jessen, Zürich
Re: [SA] MagicSpam
Aaron Wolfe wrote: >> Even given a server that has these things, I'm surprised they >> have invented technology that can analyze a postfix install to >> the degree needed for correct installation of their product with >> no more than a single click. With tech like that, I can't >> believe they haven't taken the world by storm. Maybe they're >> still working on single click world domination technology. rich...@buzzhost.co.uk wrote: > I have to totally agree. Postfix is *so* configurable that a single > point & click installer is just nonsense. I don't think Postfix > 'installation' as it is could be any easier than Debian: apt-get > install postfix. That's the easy bit. It's the configuration that > takes the skill. I disagree. This depends on the product's nature. I believe MailChannels Traffic Control does exactly that. The "one-click" would be an RPM/DEB package (or an actual GUI installer like BitRock) for Windows-style sysadmins who need a GUI while other sysadmins would be able to install with rpm or dpkg (or an included install binary/script) with a single command. All Traffic Control does is sit in front of the mail server and act as a discriminating proxy. Having not read any of MagicSpam's documentation, I can only assume that their product acts somewhat similarly, directly intercepting incoming mail as if it were the server, then doing some kind of hand-off to the real mail server. For 90+% of the users out there, no configuration options would be needed, and for a good number of the rest, a few menus could handle the bits that can't be resolved themselves. Traffic Control's selective tarpits are enough to stop almost all incoming spam, and the rest can be handled by a filter-based program like SpamAssassin. MagicSpam might do something similar. Milter-greylist (which is outgrowing its name -- it now supports SPF, DKIM, SpamAssassin, ...) currently has tarpitting in development. > Fair play to Linuxmagic if they can offer the support - which is > what corporates want. Selling cobbled together open source is > nothing new. Of course, the key to any of this is good support. I suspect MagicSpam uses their own ("patented") technology too, but that really has nothing to do with this since it's quite clear that a supported F/OSS spam-fighting bundle is itself quite profitable. -- Adam Katz khopesh on irc://irc.freenode.net/#spamassassin http://khopesh.com/Anti-spam
Re: MagicSpam
On Thu, 2009-09-24 at 12:51 +0100, RW wrote: > On Thu, 24 Sep 2009 06:46:42 +0100 > "rich...@buzzhost.co.uk" wrote: > > > On Wed, 2009-09-23 at 23:36 +0100, RW wrote: > > > On Wed, 23 Sep 2009 10:40:11 -0700 (PDT) > > > linuxmagic wrote: > > > > > > > > Incidently the point about backscatter is wrong. The traditional > > > approach of classifying, and then discarding or filing to a spam > > > folder, produces zero backscatter from spam. Backscatter is > > > actually caused by rejecting at the SMTP level - when it's done on > > > the wrong SMTP transaction. > > > > That is *not* correct. > > I clarified what I meant by that well before you posted. Perhaps I missed a post? Can you remind me what you said? Thanks.
Re: MagicSpam
On Thu, 24 Sep 2009 06:46:42 +0100 "rich...@buzzhost.co.uk" wrote: > On Wed, 2009-09-23 at 23:36 +0100, RW wrote: > > On Wed, 23 Sep 2009 10:40:11 -0700 (PDT) > > linuxmagic wrote: > > > > > Incidently the point about backscatter is wrong. The traditional > > approach of classifying, and then discarding or filing to a spam > > folder, produces zero backscatter from spam. Backscatter is > > actually caused by rejecting at the SMTP level - when it's done on > > the wrong SMTP transaction. > > That is *not* correct. I clarified what I meant by that well before you posted.
Re: MagicSpam
On Wed, 2009-09-23 at 19:45 -0400, Aaron Wolfe wrote: > On Wed, Sep 23, 2009 at 1:40 PM, linuxmagic wrote: > > I really like this quote from their sales web site: > > "Now you can have MagicSpam spam protection for your Postfix (Linux) > Mail Servers. Complete with one click install"... You are lucky. I could not even get their website to load. It just kept timing out. Not sure I would want my mail processing to match that. > > I am quite interested to see this "one click install" on my Postfix > (Linux) Mail Server, as like most postfix servers there is no mouse or > gui. Be fair, there is *one* curses based screen on install :-) http://img294.yfrog.com/i/postfix1.png/ > Even given a server that has these things, I'm surprised they > have invented technology that can analyze a postfix install to the > degree needed for correct installation of their product with no more > than a single click. With tech like that, I can't believe they > haven't taken the world by storm. Maybe they're still working on > single click world domination technology. I have to totally agree. Postfix is *so* configurable that a single point & click installer is just nonsense. I don't think Postfix 'installation' as it is could be any easier than Debian: apt-get install postfix. That's the easy bit. It's the configuration that takes the skill. Fair play to Linuxmagic if they can offer the support - which is what corporates want. Selling cobbled together open source is nothing new. Some even bundle it together in a low spec PC: http://www.barracudanetworks.com/ns/products/spam_overview.php But you *do* get support for it. Hence the sales.
Re: MagicSpam
On Wed, 2009-09-23 at 23:36 +0100, RW wrote: > On Wed, 23 Sep 2009 10:40:11 -0700 (PDT) > linuxmagic wrote: > > Incidently the point about backscatter is wrong. The traditional > approach of classifying, and then discarding or filing to a spam folder, > produces zero backscatter from spam. Backscatter is actually caused by > rejecting at the SMTP level - when it's done on the wrong > SMTP transaction. That is *not* correct. It results when mail is accepted at the SMTP level, but for some reason it cannot subsequentially be delivered. Rejecting at the SMTP level results in a SMTP error, not a bounce.
Re: MagicSpam
On Thu, 24 Sep 2009 11:07:09 +1200 Jason Haar wrote: > On 09/24/2009 10:36 AM, RW wrote: > > > > None of that really distinguishes it from SpamAssassin, people have > > been using SA that way for many years. > > > This is turning into a "I don't understand why everyone doesn't do > everything themselves" thread. I think it's more of a "I don't like marketing bullshit" thread.
Re: MagicSpam
On Thu, 24 Sep 2009 01:00:20 +0200 Karsten Bräckelmann wrote: > On Wed, 2009-09-23 at 15:54 -0700, Ted Mittelstaedt wrote: > > RW wrote: > > > Incidently the point about backscatter is wrong. The traditional > > > approach of classifying, and then discarding or filing to a spam > > > folder, produces zero backscatter from spam. Backscatter is > > > actually caused by rejecting at the SMTP level - when it's done > > > on the wrong SMTP transaction. > > > > Say what?!?!? > > > > http://en.wikipedia.org/wiki/Backscatter_(e-mail) > > > > "...The recipient mail servers then use the (potentially forged) > > sender's address to attempt a good-faith effort to report the > > problem to the apparent sender" > > > > There's 2 separate and independent SMTP transactions here. > > > > The first is the spammer to the recipient mailserver. > > > > The second is the recipient mailserver to the apparent sender. > > > > "rejecting at the SMTP level" makes no sense at all in your context. > > It does. What you just described, however, is *bouncing*, a.k.a. > "rejecting after accepting". That's not rejecting -- by the MX, mind > you. It's not just straightforward bouncing, poorly set-up backup mx servers, intermediate forwarding servers, open-relays etc can all contribute to extra backscatter. If you compare it with the tradition delivery approach which produces zero dsn backscatter the claim of reduced backscatter seems bogus to me.
Re: MagicSpam
On Wed, Sep 23, 2009 at 1:40 PM, linuxmagic wrote: > > Slightly old thread, but we should clear any misconceptions. MagicSpam is > NOT anything like SpamAssassin. LinuxMagic has been developing Anti-Spam > solutions for the ISP and Telco markets for quite some time, focusing on the > SMTP transaction layer. This approach gives a more 'Zero Day' style > protection, as it can identify spam sources prior to accepting the email, > reducing backscatter and overhead. > > Mail Servers should have the protection during the SMTP transaction, and we > have been porting our technology to other mail servers which do not have > this ability. Our first ports were to Qmail style mail servers, and since > then we have ported to many others including Linux and Windows platforms. > > Just visit the forums, and see what customers have to say about this > product, as it speaks for itself. We have patent pending technology in > place, to provide for an especially unique methodology, and more > importantly, we make it very easy to install and operate. > > http://www.magicspam.com and http://forums.wizard.ca/viewforum.php?f=16 > I really like this quote from their sales web site: "Now you can have MagicSpam spam protection for your Postfix (Linux) Mail Servers. Complete with one click install"... I am quite interested to see this "one click install" on my Postfix (Linux) Mail Server, as like most postfix servers there is no mouse or gui. Even given a server that has these things, I'm surprised they have invented technology that can analyze a postfix install to the degree needed for correct installation of their product with no more than a single click. With tech like that, I can't believe they haven't taken the world by storm. Maybe they're still working on single click world domination technology.
Re: MagicSpam
On 09/24/2009 10:36 AM, RW wrote: > > None of that really distinguishes it from SpamAssassin, people have > been using SA that way for many years. > This is turning into a "I don't understand why everyone doesn't do everything themselves" thread. Face it: by being on this list we have all declared we are "do it yourself" type people. Guess what - large chunks of the world aren't, and those need to buy solutions from others. Running SA isn't "just" an issue of installing it. It has to be integrated with a MTA for starters - there goes 99.9% of your audience already ("what do you mean? I have to run a mail server before I can get rid of the spam?!?"). Then you've got to make decisions on what "addons" to use, bayes or not, OCR or not, which RBLs (starting with: what is an RBL), wash, rinse, repeat. Packaged products (commercial or otherwise) are in fact for most people. SA is not for most people (directly). -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
Re: MagicSpam
On Wed, 2009-09-23 at 15:54 -0700, Ted Mittelstaedt wrote: > RW wrote: > > Incidently the point about backscatter is wrong. The traditional > > approach of classifying, and then discarding or filing to a spam folder, > > produces zero backscatter from spam. Backscatter is actually caused by > > rejecting at the SMTP level - when it's done on the wrong > > SMTP transaction. > > Say what?!?!? > > http://en.wikipedia.org/wiki/Backscatter_(e-mail) > > "...The recipient mail servers then use the (potentially forged) > sender's address to attempt a good-faith effort to report the problem to > the apparent sender" > > There's 2 separate and independent SMTP transactions here. > > The first is the spammer to the recipient mailserver. > > The second is the recipient mailserver to the apparent sender. > > "rejecting at the SMTP level" makes no sense at all in your context. It does. What you just described, however, is *bouncing*, a.k.a. "rejecting after accepting". That's not rejecting -- by the MX, mind you. -- char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: MagicSpam
On Wed, 2009-09-23 at 23:36 +0100, RW wrote: > On Wed, 23 Sep 2009 10:40:11 -0700 (PDT) wrote: > > > Slightly old thread, but we should clear any misconceptions. Indeed, it is. A *year* old. > > MagicSpam is NOT anything like SpamAssassin. LinuxMagic has been Thanks for pointing that out. So you still need SA. ;) > > developing Anti-Spam solutions for the ISP and Telco markets for > > quite some time, focusing on the SMTP transaction layer. This > > approach gives a more 'Zero Day' style protection, as it can identify > > spam sources prior to accepting the email, reducing backscatter and > > overhead. > > None of that really distinguishes it from SpamAssassin, people have > been using SA that way for many years. What I like most is the quotes around the "zero day" used by sales. Yes, indeed, sales! :) Which eloquently points out the fact is has nothing, really nada, to do with the term "zero day" as used by anyone into security. Thanks for highlighting the buzz-words. -- char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: MagicSpam
RW wrote: On Wed, 23 Sep 2009 10:40:11 -0700 (PDT) linuxmagic wrote: Slightly old thread, but we should clear any misconceptions. MagicSpam is NOT anything like SpamAssassin. LinuxMagic has been developing Anti-Spam solutions for the ISP and Telco markets for quite some time, focusing on the SMTP transaction layer. This approach gives a more 'Zero Day' style protection, as it can identify spam sources prior to accepting the email, reducing backscatter and overhead. None of that really distinguishes it from SpamAssassin, people have been using SA that way for many years. Incidently the point about backscatter is wrong. The traditional approach of classifying, and then discarding or filing to a spam folder, produces zero backscatter from spam. Backscatter is actually caused by rejecting at the SMTP level - when it's done on the wrong SMTP transaction. Say what?!?!? http://en.wikipedia.org/wiki/Backscatter_(e-mail) "...The recipient mail servers then use the (potentially forged) sender's address to attempt a good-faith effort to report the problem to the apparent sender" There's 2 separate and independent SMTP transactions here. The first is the spammer to the recipient mailserver. The second is the recipient mailserver to the apparent sender. "rejecting at the SMTP level" makes no sense at all in your context. Ted
Re: MagicSpam
On Wed, 23 Sep 2009 10:40:11 -0700 (PDT) linuxmagic wrote: > > Slightly old thread, but we should clear any misconceptions. > MagicSpam is NOT anything like SpamAssassin. LinuxMagic has been > developing Anti-Spam solutions for the ISP and Telco markets for > quite some time, focusing on the SMTP transaction layer. This > approach gives a more 'Zero Day' style protection, as it can identify > spam sources prior to accepting the email, reducing backscatter and > overhead. None of that really distinguishes it from SpamAssassin, people have been using SA that way for many years. Incidently the point about backscatter is wrong. The traditional approach of classifying, and then discarding or filing to a spam folder, produces zero backscatter from spam. Backscatter is actually caused by rejecting at the SMTP level - when it's done on the wrong SMTP transaction.
Re: MagicSpam
Matus UHLAR - fantomas wrote: On 23.09.09 10:40, linuxmagic wrote: Slightly old thread, but we should clear any misconceptions. MagicSpam is NOT anything like SpamAssassin. LinuxMagic has been developing Anti-Spam solutions for the ISP and Telco markets for quite some time, focusing on the SMTP transaction layer. This approach gives a more 'Zero Day' style protection, as it can identify spam sources prior to accepting the email, reducing backscatter and overhead. Mail Servers should have the protection during the SMTP transaction, and we have been porting our technology to other mail servers which do not have this ability. Our first ports were to Qmail style mail servers, and since then we have ported to many others including Linux and Windows platforms. Just visit the forums, and see what customers have to say about this product, as it speaks for itself. We have patent pending technology in place, to provide for an especially unique methodology, and more importantly, we make it very easy to install and operate. http://www.magicspam.com and http://forums.wizard.ca/viewforum.php?f=16 and where may I find some usefull info, except positive feedbacks in the forum and marketing bullsh*t on the page? Now, now. It's been said many times that there's a whole host of corporate managers out there who are too incompetent/timid/whatever to ever employ any solution in their enterprise that doesn't have a vendor somewhere that they are paying money to. This is a corporate mindset thing, and IT managers with that mindset are not going to give a rat's ass if there's community forums or not. Those managers operate under the assumption that I'm going to bring this vendor in and he's going to make his stuff work, and all I'm going to do is pay him whatever he asks for with my employers money, and by God if he makes me look bad by not getting his stuff to work, then I'll sue him for every penny I sent to him and then some. If LinuxMagic wants to take a bunch of open source stuff and make it work for those people, more power to them. And if they kick some development work back to the open source projects that they used as a base, then fan tas-tilly-astic. LM doesn't put pricing on their website for their stuff so that immediately puts them in the category of "if you have to ask you can't afford it" just like those fancy French restaurants out there. I don't dine there, and it sounds like you don't either, so why waste your breath bitching at those who do? Ted
Re: MagicSpam
On 23.09.09 10:40, linuxmagic wrote: > Slightly old thread, but we should clear any misconceptions. MagicSpam is > NOT anything like SpamAssassin. LinuxMagic has been developing Anti-Spam > solutions for the ISP and Telco markets for quite some time, focusing on the > SMTP transaction layer. This approach gives a more 'Zero Day' style > protection, as it can identify spam sources prior to accepting the email, > reducing backscatter and overhead. > > Mail Servers should have the protection during the SMTP transaction, and we > have been porting our technology to other mail servers which do not have > this ability. Our first ports were to Qmail style mail servers, and since > then we have ported to many others including Linux and Windows platforms. > > Just visit the forums, and see what customers have to say about this > product, as it speaks for itself. We have patent pending technology in > place, to provide for an especially unique methodology, and more > importantly, we make it very easy to install and operate. > > http://www.magicspam.com and http://forums.wizard.ca/viewforum.php?f=16 and where may I find some usefull info, except positive feedbacks in the forum and marketing bullsh*t on the page? > Aaron Wolfe wrote: > > > > On Thu, Sep 11, 2008 at 1:11 PM, wrote: > >> Does anybody have any experience with this product? > >> > > > > It appears *noone* has any experience with it... Google finds only 2 > > links and they are on the company's own homepage. > > > >> My company wants to replace SpamAssassin with this product, due to > >> SpamAssassin being not being up to par other products. > > > > What is the evidence for this statement? I move customers from > > commercial solutions to my company's SA based filtering regularly and > > they are typically very impressed with what we can do for them with > > Spamassassin. > > > >> > >> My argument is that people we give SpamAssassin to have no clue how to > >> use > >> it and what it's designed to do, therefore they think it sucks. > >> > > > > Why would your users even need to know you are using SA? How are they > > supposed to "use" it? Just configure it to make spam go away and they > > should be OK with that. You can set up some sort of quarantine or > > tagging system but people generally aren't going to use it much. > > > >> > >> > >> > > > > From what I can find of the company behind this Magic thing, it looks > > like their products are repackaged open source software. (Their > > "MagicMail" product appears to be qmail). There's a pretty decent > > change they are selling you Spamassassin anyway :) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Due to unexpected conditions Windows 2000 will be released in first quarter of year 1901
Re: MagicSpam
Slightly old thread, but we should clear any misconceptions. MagicSpam is NOT anything like SpamAssassin. LinuxMagic has been developing Anti-Spam solutions for the ISP and Telco markets for quite some time, focusing on the SMTP transaction layer. This approach gives a more 'Zero Day' style protection, as it can identify spam sources prior to accepting the email, reducing backscatter and overhead. Mail Servers should have the protection during the SMTP transaction, and we have been porting our technology to other mail servers which do not have this ability. Our first ports were to Qmail style mail servers, and since then we have ported to many others including Linux and Windows platforms. Just visit the forums, and see what customers have to say about this product, as it speaks for itself. We have patent pending technology in place, to provide for an especially unique methodology, and more importantly, we make it very easy to install and operate. http://www.magicspam.com and http://forums.wizard.ca/viewforum.php?f=16 Aaron Wolfe wrote: > > On Thu, Sep 11, 2008 at 1:11 PM, wrote: >> Does anybody have any experience with this product? >> > > It appears *noone* has any experience with it... Google finds only 2 > links and they are on the company's own homepage. > >> My company wants to replace SpamAssassin with this product, due to >> SpamAssassin being not being up to par other products. > > What is the evidence for this statement? I move customers from > commercial solutions to my company's SA based filtering regularly and > they are typically very impressed with what we can do for them with > Spamassassin. > >> >> My argument is that people we give SpamAssassin to have no clue how to >> use >> it and what it's designed to do, therefore they think it sucks. >> > > Why would your users even need to know you are using SA? How are they > supposed to "use" it? Just configure it to make spam go away and they > should be OK with that. You can set up some sort of quarantine or > tagging system but people generally aren't going to use it much. > >> >> >> > > From what I can find of the company behind this Magic thing, it looks > like their products are repackaged open source software. (Their > "MagicMail" product appears to be qmail). There's a pretty decent > change they are selling you Spamassassin anyway :) > > -- View this message in context: http://www.nabble.com/MagicSpam-tp19439845p25531228.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
RE: MagicSpam
Well, since many guys are recommending "what they use" (IronPort, Barracuda) I thought I might bring BarricadeMX from Fort Systems into the game. Have a look at them. It is _very_ efficient and can be configured to use SpamAssassin as well. Comes with a very easy install for CentOS 5.2. Kind regards, JP
RE: MagicSpam
Hello, I really don't see how Spamassassin is not "up to par", considering many high end Net App's use Spamassassin and promote corporate level products that include it. Maybe it needs to be configured correctly? In fact, I don't think I've seen any real rival to Spamassassin - except, maybe, for DSPAM (but I've never used it) - And I don't see how that is going to be any "easier to drive" than Spamassassin. The only good Spam tagging applications for Windows all seem to have Spamassassin inside them somewhere. None of my users know how to use Spamassassin, in fact, none of my co-workers do either. I wouldn't even pretend to try and get them to do anything to it, apart from send Missed Spam back for Bayes training. If it is other Admins you're giving the product to, and they don't/can't understand it, then they shouldn't be running it. "no clue how to use it and what it's designed to do" - sounds like they need some education, these naïve people that you give Spamassassin to. Cheers, Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, 12 September 2008 5:12 a.m. To: users@spamassassin.apache.org Subject: MagicSpam Does anybody have any experience with this product? My company wants to replace SpamAssassin with this product, due to SpamAssassin being not being up to par other products. My argument is that people we give SpamAssassin to have no clue how to use it and what it's designed to do, therefore they think it sucks.
Re: MagicSpam
> At 09:44 12-09-2008, Jesse Stroik wrote: > There is SpamAssassin the project and SpamAssassin the software. The > project, under the aegis of the Apache Software Foundation, provides > a framework to support open source software development to deliver an > enterprise-grade, freely available software product for the public benefit. > > SpamAssassin, the software, is a mail filter to identify spam. It is > designed for easy integration into any email system. The cost to > develop such a software is estimated to be around US $1.1 million. And many, if not the large majority of commercial systems use it somewhere. A commercial product that does not understand spam, or if their team has not had lots of experience with spam, will make those mistakes. As the maintainer of the freebsd port of Spamassassin, I have to look at any user contributed 'fixes' or scripts to see if they are keeping with the overall SA design, or if they are freebsd only, do they cover, or will they work with ALL freebsd users (commercial systems, hobby, or home grown). As the maintainer, I have rejected several scripts that are mostly site or company specific, reminding the author that SA has to be made generic, and the Freebsd port of SA has to remain generic. I also remind them 'this is open source', you are ENCOURAGED to make custom, site specific changes. That said, as my second role as the CTO of one of the many companies that uses SA, thanks to the team, community, and users for creating a generic, 'one site fits all' system, but, it does need lots of work to make it a viable system to be used by 'users'. Remember users ;-)? If SA is used by YOU, and YOU are totally in charge of what gets whitelisted, blacklisted, etc, then YOU can maintain all the cf files and you can (eventually) get a pretty stable, accurate system. If, however, you are trying to create something easy to set up, and easy for users to use without your constant tweaking, yes, its VERY hard. As much time as our engineers spend on optimizations and minor customer custom requests, I think most of their time is spend trying to balance the spam capture rate and the false positive rate. (you really need a team :-). Examples of problems include ISP's who have clients that actually subscribe to those 'free crap in your email box', vs commercial companies who don't want their users using their email address for 'free porn' and such. Take one of the reputation filters as an example: DCC. DCC is great for identifying sources of BULK EMAIL. The commercial version also lets you get a bulk/non bulk percentage value on the sending IP. The free system allows you to take checksums of the spam and get a 'bulk/non bulk' judgment on the email. Remember, this is BULK EMAIL, not spam. It would trigger FP's on every truly double opt-in mailing list. Bayes: if you are an ISP, and not using user based bayes, then your plastic surgeons will be sending and receiving enlargement type emails that are legit, but that a mortgage company would want to block. HABEAS/SENDERBASE, more examples: for ISP/ generic use, maybe letting in commercial bulk email from companies who pay to certify their bulk email is he right thing to do. For a commercial business, maybe not. However, that said, it is possible to build a commercial system that is easy to install, will (out of the box) be about 99% accurate, allows users and it administrators access to reporting and configs, without creating a burden. (no, we don't allow individuals access to ~user/local.cf files ;-), but we do allow admins to turn on and off specific plugins, and users to set their own spam threshold values. Bottom line: same argument for any commercial vs custom system. A 'drop in place, open source' product isn't a product, its a framework. It will be less accurate, because it wasn't tweaked. A custom product will harder to build, but will be (eventually) what the company needs (for 1.1mm ;-). Also, consider the ongoing need to continue to track spam, new spam types and upgrades. A COTS product should offer good support, enough customizations that it will work for your company. I support SA efforts and will continue to since I understand the value of building and working with an open source community. That is why I volunteer my time to maintain the freebsd SA port. If you are trying to block spam for one server, or one company, and you don't want to spend a large amount of time, get a pre-build, supported product. Not a framework. If however, your needs are so unique that a COTS product won't work, then hire a team, build a custom solution. Your choice. (sorry, off my soap box now) -- Michael Scheidell, CTO >|SECNAP Network Security
RE: MagicSpam
I have heard that the sonicwall email security appliance is pretty good. It gets expensive per user, but they have desktop controls in outlook. The other one is the service offered by mcaffee enterprise... I don't remember the name, but its essentially a service they host and your mail server only receives mail from them. Its underlying system is spamassassin, but theirs is on steroids. I think the one of the developers of spamassassin actually works for them. Both systems use Bayesian filtering, but they have different types of input that allow millions of indicators to be used and updated minute by minute, thus allowing maximum spam detection. Basically input from many places is always better than input from one place.. The more data you have to look at the more obvious the trends thus making it easier to spot spam and rule out false positives on a minute by minute basis. -Brent
Re: MagicSpam
Mouss, mouss wrote: It's more than a "common user" question. while I can build an *BSD/Debian/Centos box to do what I want, I did buy "COTS" firewalls, backup servers, ... etc. You're not talking about ease of setup, you're talking about quality and reliability of product. Spamassassin doesn't require constant attention. It has never caused a problem for me. But if you are wiling to ensure your rulesets are updating properly and plugins are working, (in addition to occasionally evaluating new plugins), you can keep your performance remarkably high. But that's the name of the game in this particular world. Spammers change tactics. I personally don't like being called when on vacation, and more importantly, I don't want a company to "rely" on me. Not only for "loyalty", but also because I want to be able to quit when I want. I don't know how to respond to his other than "well, duh." No sysadmin worth his or her salt will throw a poor solution in place that would be either: (1) difficult for future admins to maintain or (2) cause an unreasonable amount of unexpected maintenance. That's why you document the work you do and you stick with known, proven solutions where possible. Spamassassin happens to be the best, most reliable anti-spam solution I've come across, which is why I use it. And I've clashed with an awful lot of poor spam solutions. I will agree with you that you have to spend real money to do a lot of things well -- backups are a perfect example of this -- and in many cases you can compress time and effort with money. But in the case of spam tagging/filtering, you're often not getting what you think you're getting with commercial anti-spam solutions. Choose carefully. there's a common misconception about tools (software or hardware): the out of the box syndrom. some people think that they will "put it in and everything will go on" I suggested that commercial software is often misconfigured out of the box and even provided a concrete example. Where did I say it would just work? Best, Jesse
Re: MagicSpam
At 09:44 12-09-2008, Jesse Stroik wrote: setups if they want the largest possible customer base. Consider the difference between the primary goals of spamassassin and arbitrary commercial anti-spam solution: Spamassassin: To facilitate a community effort with the primary goal of accurate reduction of spam. There is SpamAssassin the project and SpamAssassin the software. The project, under the aegis of the Apache Software Foundation, provides a framework to support open source software development to deliver an enterprise-grade, freely available software product for the public benefit. SpamAssassin, the software, is a mail filter to identify spam. It is designed for easy integration into any email system. The cost to develop such a software is estimated to be around US $1.1 million. Regards, -sm
Re: MagicSpam
Jesse Stroik wrote: Karl, Ease of setup and use are not the primary reason for purchasing any product, IMO. Yes, but you aren't the common user. Many commercial products *must* have oversimplified setups if they want the largest possible customer base. It's more than a "common user" question. while I can build an *BSD/Debian/Centos box to do what I want, I did buy "COTS" firewalls, backup servers, ... etc. I personally don't like being called when on vacation, and more importantly, I don't want a company to "rely" on me. Not only for "loyalty", but also because I want to be able to quit when I want. This is probably because when I quitted my first employer, I had to help them for some time. and at the time, I and my ego did like it. but since then, I learned that it was bad for me and my employer. Consider the difference between the primary goals of spamassassin and arbitrary commercial anti-spam solution: Spamassassin: To facilitate a community effort with the primary goal of accurate reduction of spam. Commercial Product: to sell as much commercial product as possible, with the goal being either short term profits or long term profits. A few years ago I bought a groupware that was configured as an open relay out of the box. When I contacted support about changing the default behavior, they said that they would lose customers if they configured it securely out of the box, so they didn't do it. Is spamassassin the best I've seen and worked with? Absolutely. Does spamassassin cost more in sysadmin time and require a more competent sysadmin to properly configure and maintain it? Yes. I've noticed in my own work with spamassassin, especially under solaris, that more time spent configuring it resulted in significantly better results. there's a common misconception about tools (software or hardware): the out of the box syndrom. some people think that they will "put it in and everything will go on". This is wrong, whether it's open source or not. Tools don't work by themselves. How many times did I hear a customer say "... but it doesn't work..." and when asking "how is your DNS resolution configured?" I get "sorry? what do you exactly mean...?" argh. and I think many here have heared the classical "it started to fail this morning, but nothing changed"... anyway, if people have enough resources to run a product, let them. if they can't, they'll need help. they may go with a commercial product that "works out of the box and is easy to administer" and/or they can contract someone to help them setup and maintain whatever product is better for them. and back to magicfoo, there's not much info about it on the network. this is not a good sign.
Re: MagicSpam
Excellent points. I'm glad I'm not a 'common user'... KLP On Fri, 12 Sep 2008, Jesse Stroik wrote: Karl, Ease of setup and use are not the primary reason for purchasing any product, IMO. Yes, but you aren't the common user. Many commercial products *must* have oversimplified setups if they want the largest possible customer base. Consider the difference between the primary goals of spamassassin and arbitrary commercial anti-spam solution: Spamassassin: To facilitate a community effort with the primary goal of accurate reduction of spam. Commercial Product: to sell as much commercial product as possible, with the goal being either short term profits or long term profits. A few years ago I bought a groupware that was configured as an open relay out of the box. When I contacted support about changing the default behavior, they said that they would lose customers if they configured it securely out of the box, so they didn't do it. Is spamassassin the best I've seen and worked with? Absolutely. Does spamassassin cost more in sysadmin time and require a more competent sysadmin to properly configure and maintain it? Yes. I've noticed in my own work with spamassassin, especially under solaris, that more time spent configuring it resulted in significantly better results. Best, Jesse --- _/ _/ _/ _/_/_/ __o _/ _/ _/ _/_/ _-\<._ _/_/_/ _/_/_/ (_)/ (_) _/ _/ _/ _/ .. _/ _/ arl _/_/_/ _/ earson[EMAIL PROTECTED] --- http://consulting.ourldsfamily.com ---
Re: MagicSpam
Karl, Ease of setup and use are not the primary reason for purchasing any product, IMO. Yes, but you aren't the common user. Many commercial products *must* have oversimplified setups if they want the largest possible customer base. Consider the difference between the primary goals of spamassassin and arbitrary commercial anti-spam solution: Spamassassin: To facilitate a community effort with the primary goal of accurate reduction of spam. Commercial Product: to sell as much commercial product as possible, with the goal being either short term profits or long term profits. A few years ago I bought a groupware that was configured as an open relay out of the box. When I contacted support about changing the default behavior, they said that they would lose customers if they configured it securely out of the box, so they didn't do it. Is spamassassin the best I've seen and worked with? Absolutely. Does spamassassin cost more in sysadmin time and require a more competent sysadmin to properly configure and maintain it? Yes. I've noticed in my own work with spamassassin, especially under solaris, that more time spent configuring it resulted in significantly better results. Best, Jesse
Re: MagicSpam
On Fri, 12 Sep 2008, Karl Pearson wrote: On Thu, 11 Sep 2008, fchan wrote: Hi, Sorry I don't have experience with this product. I do have limited experience with Barracuda Networks appliance and I think is a great product for an e-mail filter which I had experienced with my friend to set up on their network & email server. It is easy to set up, configure and maintain so for an alternative to spamassassin this is great alternative. Price a fairly good and since they were a educational institute they got an discount. http://www.barracudanetworks.com/ns/products/spam_overview.php I have to violently disagree. As an administrator of a system with 184 email groups and over 7000 subscribers on it, I absolutely hate Barracuda products. Out of the box, they specialize in creating huge amounts of backscatter (see http://en.wikipedia.org/wiki/Backscatter_(e-mail) for more info) which is SPAM. Ease of setup and use are not the primary reason for purchasing any product, IMO. One of the other things I've seen in recent weeks with Barracuda, is how wrong they have their default reputation system set up (I assume it's the default). I've had to speak with a number of admins about why the reputation should ONLY reject messages where the source IP is found. As it was, the appliance was rejecting if ANY IP in the received headers was found. -d
Re: MagicSpam
On Thu, 11 Sep 2008, fchan wrote: Hi, Sorry I don't have experience with this product. I do have limited experience with Barracuda Networks appliance and I think is a great product for an e-mail filter which I had experienced with my friend to set up on their network & email server. It is easy to set up, configure and maintain so for an alternative to spamassassin this is great alternative. Price a fairly good and since they were a educational institute they got an discount. http://www.barracudanetworks.com/ns/products/spam_overview.php I have to violently disagree. As an administrator of a system with 184 email groups and over 7000 subscribers on it, I absolutely hate Barracuda products. Out of the box, they specialize in creating huge amounts of backscatter (see http://en.wikipedia.org/wiki/Backscatter_(e-mail) for more info) which is SPAM. Ease of setup and use are not the primary reason for purchasing any product, IMO. Karl Frank Does anybody have any experience with this product? My company wants to replace SpamAssassin with this product, due to SpamAssassin being not being up to par other products. My argument is that people we give SpamAssassin to have no clue how to use it and what it's designed to do, therefore they think it sucks. --- _/ _/ _/ _/_/_/ __o _/ _/ _/ _/_/ _-\<._ _/_/_/ _/_/_/ (_)/ (_) _/ _/ _/ _/ .. _/ _/ arl _/_/_/ _/ earson[EMAIL PROTECTED] --- http://consulting.ourldsfamily.com ---
Re: MagicSpam
ram schrieb: On Thu, 2008-09-11 at 15:25 -0700, fchan wrote: Hi, Sorry I don't have experience with this product. I do have limited experience with Barracuda Networks appliance and I think is a great product for an e-mail filter which I had experienced with my friend to set up on their network & email server. It is easy to set up, configure and maintain so for an alternative to spamassassin this is great alternative. Price a fairly good and since they were a educational institute they got an discount. http://www.barracudanetworks.com/ns/products/spam_overview.php Alternative to spamassassin ?? , AFAIK barracuda uses spamassassin. You just get their rules and DNS lists that makes it "better" than the default SA But to be honest ,Not everyone can keep managing SA boxes. If some company wants to dump SA because of management issues , I would suggest just tie up with some commercial plugin for SA No change to the user interfaces. Almost immediately implementable on an existing setup and would be economical too Hi , you may have a look to ironport now owned by cisco it s one of the leading solutions in antispam but very expensive -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Re: MagicSpam
On Thu, 2008-09-11 at 15:25 -0700, fchan wrote: > Hi, > Sorry I don't have experience with this product. > I do have limited experience with Barracuda Networks appliance and I > think is a great product for an e-mail filter which I had experienced > with my friend to set up on their network & email server. It is easy > to set up, configure and maintain so for an alternative to > spamassassin this is great alternative. Price a fairly good and since > they were a educational institute they got an discount. > http://www.barracudanetworks.com/ns/products/spam_overview.php Alternative to spamassassin ?? , AFAIK barracuda uses spamassassin. You just get their rules and DNS lists that makes it "better" than the default SA But to be honest ,Not everyone can keep managing SA boxes. If some company wants to dump SA because of management issues , I would suggest just tie up with some commercial plugin for SA No change to the user interfaces. Almost immediately implementable on an existing setup and would be economical too
RE: MagicSpam
I find i have to run botnet rules individually, not as the big meta rule. See the doc in the tar ball for how to. -- martin -Original Message- From: Jesse Stroik <[EMAIL PROTECTED]> Sent: Thursday, September 11, 2008 10:03 PM To: [EMAIL PROTECTED] Cc: users@spamassassin.apache.org Subject: Re: MagicSpam Rob, Spamassassin is more difficult to configure because commercial products don't have the luxury of requiring more sysadmin configuration. They have to be easy or no one would buy them. The disadvantage of them being easier is that they have less flexibility, less information and less site-specific configuration to work with. They also tend to be less accurate, erring to the side of enforcement at the risk of discarding legitimate mail. It is important to check spamassassin to see which plugins are installed properly and working. Spamassassin will work with only a few plugins installed, but it will work much better if you install all plugins that make sense for your site. To maintain spamassassin well, you also have to have very level-headed admins who are willing to drop even very effective plugins if they have the potential for false positives. You have to evaluate the plugins yourself, to some extent, and you have to trust behavior that you observe. I recently had to decrease the score of the BOTNET plugin significantly. It's not the BOTNET plugin is doing something wrong -- it's simply that companies often configure their mail servers with mail gateways and have internal/private network Received lines that trigger the BOTNET plugin. Commercial products tend to trap lots of spam, like a properly configured spamassassin installation, but they also tend to get a lot of false positives. Consider that people complain a lot more about false negatives (spam that gets through) than false positives, especially if they don't see the false positives. Because of this behavior pattern, commercial products will almost always err to the side of throwing away the baby with the bathwater. And this is more dangerous to email than spam is. Best, Jesse ** Confidentiality : This e-mail and any attachments are intended for the addressee only and may be confidential. If they come to you in error you must take no action based on them, nor must you copy or show them to anyone. Please advise the sender by replying to this e-mail immediately and then delete the original from your computer. Opinion : Any opinions expressed in this e-mail are entirely those of the author and unless specifically stated to the contrary, are not necessarily those of the author's employer. Security Warning : Internet e-mail is not necessarily a secure communications medium and can be subject to data corruption. We advise that you consider this fact when e-mailing us. Viruses : We have taken steps to ensure that this e-mail and any attachments are free from known viruses but in keeping with good computing practice, you should ensure that they are virus free. Red Lion 49 Ltd T/A Solid State Logic Registered as a limited company in England and Wales (Company No:5362730) Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU, United Kingdom **
Re: MagicSpam
Hi, Sorry I don't have experience with this product. I do have limited experience with Barracuda Networks appliance and I think is a great product for an e-mail filter which I had experienced with my friend to set up on their network & email server. It is easy to set up, configure and maintain so for an alternative to spamassassin this is great alternative. Price a fairly good and since they were a educational institute they got an discount. http://www.barracudanetworks.com/ns/products/spam_overview.php Frank Does anybody have any experience with this product? My company wants to replace SpamAssassin with this product, due to SpamAssassin being not being up to par other products. My argument is that people we give SpamAssassin to have no clue how to use it and what it's designed to do, therefore they think it sucks.
Re: MagicSpam
On Thu, Sep 11, 2008 at 1:11 PM, <[EMAIL PROTECTED]> wrote: > Does anybody have any experience with this product? > It appears *noone* has any experience with it... Google finds only 2 links and they are on the company's own homepage. > My company wants to replace SpamAssassin with this product, due to > SpamAssassin being not being up to par other products. What is the evidence for this statement? I move customers from commercial solutions to my company's SA based filtering regularly and they are typically very impressed with what we can do for them with Spamassassin. > > My argument is that people we give SpamAssassin to have no clue how to use > it and what it's designed to do, therefore they think it sucks. > Why would your users even need to know you are using SA? How are they supposed to "use" it? Just configure it to make spam go away and they should be OK with that. You can set up some sort of quarantine or tagging system but people generally aren't going to use it much. > > > >From what I can find of the company behind this Magic thing, it looks like their products are repackaged open source software. (Their "MagicMail" product appears to be qmail). There's a pretty decent change they are selling you Spamassassin anyway :)
Re: MagicSpam
Rob, Spamassassin is more difficult to configure because commercial products don't have the luxury of requiring more sysadmin configuration. They have to be easy or no one would buy them. The disadvantage of them being easier is that they have less flexibility, less information and less site-specific configuration to work with. They also tend to be less accurate, erring to the side of enforcement at the risk of discarding legitimate mail. It is important to check spamassassin to see which plugins are installed properly and working. Spamassassin will work with only a few plugins installed, but it will work much better if you install all plugins that make sense for your site. To maintain spamassassin well, you also have to have very level-headed admins who are willing to drop even very effective plugins if they have the potential for false positives. You have to evaluate the plugins yourself, to some extent, and you have to trust behavior that you observe. I recently had to decrease the score of the BOTNET plugin significantly. It's not the BOTNET plugin is doing something wrong -- it's simply that companies often configure their mail servers with mail gateways and have internal/private network Received lines that trigger the BOTNET plugin. Commercial products tend to trap lots of spam, like a properly configured spamassassin installation, but they also tend to get a lot of false positives. Consider that people complain a lot more about false negatives (spam that gets through) than false positives, especially if they don't see the false positives. Because of this behavior pattern, commercial products will almost always err to the side of throwing away the baby with the bathwater. And this is more dangerous to email than spam is. Best, Jesse
RE: MagicSpam
Rob Can't say i have, but SA does need someone with a little expertise and a clue (tm) to get it going well. After that it takes very little extra work apart from upgrading every so often and running sa-update every week or so. -- martin -Original Message- From: <[EMAIL PROTECTED]> Sent: Thursday, September 11, 2008 6:12 PM To: users@spamassassin.apache.org Subject: MagicSpam Does anybody have any experience with this product? My company wants to replace SpamAssassin with this product, due to SpamAssassin being not being up to par other products. My argument is that people we give SpamAssassin to have no clue how to use it and what it's designed to do, therefore they think it sucks. ** Confidentiality : This e-mail and any attachments are intended for the addressee only and may be confidential. If they come to you in error you must take no action based on them, nor must you copy or show them to anyone. Please advise the sender by replying to this e-mail immediately and then delete the original from your computer. Opinion : Any opinions expressed in this e-mail are entirely those of the author and unless specifically stated to the contrary, are not necessarily those of the author's employer. Security Warning : Internet e-mail is not necessarily a secure communications medium and can be subject to data corruption. We advise that you consider this fact when e-mailing us. Viruses : We have taken steps to ensure that this e-mail and any attachments are free from known viruses but in keeping with good computing practice, you should ensure that they are virus free. Red Lion 49 Ltd T/A Solid State Logic Registered as a limited company in England and Wales (Company No:5362730) Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU, United Kingdom **
MagicSpam
Does anybody have any experience with this product? My company wants to replace SpamAssassin with this product, due to SpamAssassin being not being up to par other products. My argument is that people we give SpamAssassin to have no clue how to use it and what it's designed to do, therefore they think it sucks.