> If I do this though, doesn't it mean that I would have to go through each > email one-by-one? I'm guessing that RBL & delaying will definitely help > cut down on the pounding I'm getting, but over the weekend alone, my own > accounts accumulated more than 1500 pieces of email, of which, probably > 1400 were spam. I can't even begin to imagine how long it would take me > to go through them all. If I cc both Bayesian spam & nonspam (setting > both log settings to 7), then I would basically be receiving all emails, > wouldn't I? > > Would I then be able to select all spam and submit to the asspspam & > asspnotspam address as a single email with hundreds of attachments? > > There are privacy issues at stake here too; I may end up reading someone's > legit email, which is definitely a concern.
I did/do this. I ran ASSP for a long time with none of the users any wiser. Leave everything in testmode. Don't prefix the subject with [SPAM]. Do turn on all connection tests but have them score only. In your mta have a system wide rule that looks for a header line that includes: X-Assp-Spam-Reason: but does not include: X-Assp-Spam-Reason: Bayesian spam and route those emails to the users individual spamboxes or a central spambox you control as those are most certainly spam. The users will still receive their Bayesian spam but will see a nice drop in total received spam. Then occasionally search for text in files in your spam folder for your company name, street address and such. Also scan your notspam folder for text in files with known spam words and sex words. Do that every so often and as your users use the system and addresses get autowhitelisted the system will smooth out on it's own. Then after a few weeks turn on the [SPAM] prefix for spam mail and let the users know that it has been identified as Bayesian spam, and they can either notify you of errors or you can educate them on how to use the email interface. I have done this over the years and have lowered the false positives to an almost acceptable level, but I will never take Bayesian out of testmode. Some of our users who have had great success with no false positives create a rule that deletes anything with [SPAM] in the header, some merely move them to a spam mailbox in their email program for review and deletion. Even after all this time though, legitimate HTML emails from companies hawking their wares usually get marked as spam until they get whitelisted. And I have had to add either domains to the whitelist or their servers if known to the accept all mail list to keep poorly configured servers from customers and associates from being marked as spam. The image spam everyone is talking about is usually caught by the connection test or spambomb regex, but if it isn't, it is always marked as Bayesian spam. BTW, delaying makes a huge difference right off the bat. It also will almost completely eliminate the virus laden emails, almost. Doug Traylor ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
