> From: Dan Geiser > > On a separate topic, I'm curious to know how everyone handles the spam which > makes it into the "imail\spool\spam" directory.
We're small. I still scan now and then, but have found VERY few items to keep. I can scan 500 messages in about 2-3 minutes tops (I sort by domain from then person to here, for your situation, I would sort by subj, then domain from), scan thru to check if any look even remotely real, then delete the pile. The firts time I did this, I also had thousands of messages to skim thru. > have accumulated 23,236 files in the "spam" directory. Am I correct that > each message that was caught has 2 files representing it, i.e. > 23,236 files is actually 23,236 / 2 = 11,618 spam message caught? Yes > directory. I'm also planning on setting up a clean-up task which will > delete any files older than 90 days just so my hard drive doesn't fill up. > I'm guessing that one route I could take is to take a "DELETE" action on > spam which has a particularly high weight. Were I an ISP. I would not use auto-delete, but HOLD all messages above a threshold (and not set any up for manual scanning -- either HOLD or warn in the subject line and let end-user tell you if you have it wrong). Have a task zip up the mess daily and delete the individual emails. Once a month (or more, if you are larger), burn a CD with the zip files and dump from the hard drive. Then, document exactly what you are doing and put it on the web support page (bury it somewhere if needed, but accessible for the truly desperate), with some procedure to be used if someone thinks their legit mail is being blocked (possible). You can then do searches (inside the zips, no need to extract) of the email addr they expected info from to see if they were blocked and adjust your rules as needed if you find them. No lawsuits for blocking legit mail (which AOL says they have had) and most junk blocked from users' inboxes (which makes for happier clients). Also, since your email traffic is probably subject to FBI subpoena, you may want to archive all mail traffic according to both your written policy on backups (and after consultation with your attorney) and make sure those CD backups are also destroyed in compliance with that policy (for example, no backups held more than one year, etc). > there any weight which people have decided is a good "DELETE" weight. Is > there anything else I'm not thinking of? We have jiggled all the weights here and have several custom blacklists (that delete automatically). By weight, we re-route for review at 15, hold at 30 and delete at 60. Used to hold and delete at higher weights, but haven't have false positives in sometime. K --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
