Chris Santerre wrote to 'Marc Kool' and Thomas Kinghorn:
However there is a chance that legit mail could be delayed 20+ minutes. Even if you set delay to 1 minute. It comes down to how the sender's server is setup. So if you must have email ASAP, be carefull. Otherwise I'm hearing great things.
Yeah. If SA wasn't already catching 99.96% of our spam, I'd have jumped on greylisting weeks ago. :-)
I know, the bandwidth savings are probably worth it. I've just been a little loathe to deliberately add a non-deterministic delay to a small but significant proportion of legitimate email, even with whitelisting.
Has anybody tried using SA's AWL as input to any greylisting application? My gut reaction is that it would make for a good knob, allowing the admin to automatically pass any message below a certain AWL score, and greylist anything above that score. (And dump core for anything that hits the score exactly, of course).
The catch-22 to this is that if greylisting works even half as well as documented, the AWL will quickly decay and become skewed towards ham (yet it might still be a somewhat useful tool for greylisting). Not to mention Bayes, as well as any corpus testing and rule development that I do that depends on a large sample of current spam. That's probably the more compelling argument against greylisting, now that I think about it.
Right now, I can't think of a way to maintain the accuracy of SA without allowing the spam payloads into our network... which requires the same bandwidth and processing overhead as our current scan+quarantine system. I'm thinking in layers, here.. I don't want to compromise our best line of defense just to save a little bit of bandwidth.
Thoughts?
- Ryan
-- Ryan Thompson <[EMAIL PROTECTED]>
SaskNow Technologies - http://www.sasknow.com 901-1st Avenue North - Saskatoon, SK - S7K 1Y4
Tel: 306-664-3600 Fax: 306-244-7037 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America
