David Bürgin <dbuer...@gluet.ch> writes: [all the other replies sound 100% sensible to me]
> In your experience, what is a good ‘certain spam’ threshold? By that I > mean the score above which messages are virtually always spam, no false > positives. There is no certainty; there is only probability. So you have to decide what risk you want to put up with, and that's in my experience a risk of accepted spam and a risk of rejected ham. > The default threshold for spam is 5.0, which works well for me. Only > very rarely a ham message scores above that and lands in my Junk folder. I have set up TXREP, and added known senders to a welcomelist, plus some private rules and score tweaks, SA base plus KAM. I find that ham over 5 is extremely rare. I am rejecting at the SMTP level at 8. I have so far not received a single complaint of legit mail being rejected. 8 is a bit more aggressive than I would recommend in general. Note that I take two unconventional views compared to standard SA doctrine: mail is personal-ham, list-ham, or spam. If a message from a mailinglist that is technically ham gets misfiled or even rejected, that's not a big deal. Mail that is personally to me (really, that I care about) that gets rejected is a big deal. I really don't want any spam in my INBOX, because it appears on my phone, and thus I sort mail into "ham", "maybe spam", "spam" and "definitely spam", basically sorting <1 point into inbox, 1-5 into spam.N folders, with 5+ into pam.5, combined with MTA-level rejection at 8. This means that every day several messages are sorted into spam.1 and spam.2 that are technically ham, and I just refile them when at a computer. The benefit to this is that only a handful of spam messages land in my inbox every week. I often add welcomelist or rule tweaks for list senders who score 1-5. Usually the messages are icky somehow, from an MTA on a BL, misformatted, etc. Almost always I wouldn't really care if I had missed them. Real people, real transactional notifications, I add exceptions for. This is higher effort, but it serves my dual purposes of not missing ham and protecting my phone INBOX from spam. But it also gives me insight into score distribution. 1-2 point ham is pretty normal, and arguably that folder is 75% ham. The 4-5 folder is about 98% spam. > Would 10.0 be a good ‘certain spam’ threshold? 15.0? I could then reject > such messages at the SMTP layer, without having to worry about rejecting > legitimate messages. My view is that very occasional rejecting of legit mail is much better than having it buried in a spam folder. I would be very surprised if rejecting >= 10 caused you real trouble. You just said that you almost never have ham get scored over 5. So 10 seems like a reasonable step.
signature.asc
Description: PGP signature
