On Thu, 13 Apr 2006, Paul Johnson wrote: > Best method to test spam rejection is to go live and cross your > fingers. Start conservatively with your heuristics: Err on the > side of false negative and work yourself closer to equilibrium. No > anti-spam system is 100% accurate, your spam may vary.
One possible strategy based on scoring (if other aspects of your policy permit it) is to initially define a fairly liberal acceptance level for suspect-spam, but to apply a rule which freezes those items. Inspect the frozen items, discard those which are definite spam; thaw those which are not, while adjusting the rule(s) which caused them to be suspected. As you gain confidence, lower the rejection threshold in stages. In spamassassin terms, for example, one might deliver <5.0 as probable ham; deliver <8.0 as possible spam; freeze scores between 8.0 and X for inspection, and reject scores above X (you choose X, say 15 or 20 if you're not sure yet). With time, stepping X down in stages until you're confident enough of your rules be able to dispense with the freezing. Freezing is also a useful way to try out new anti-spam ideas before putting them into production, just in case they're going to cause unexpected false-positives. regards -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
