On Thu, 18 May 2006, Johann Spies wrote: > I have so far considered spamassassin's approach to blacklist as a > safer option. As I understand it that a single rule in Spamassassin > is not supposed to allocate enough points to categorise the mail as > spam.
You have the choice! But this idea is not exclusive to spamassassin. We have some RCPT-time ACLs which are designed to reject mail only if a certain combination of factors occurs together. Considering the comparative overhead involved in accepting DATA and feeding it to spamassassin, it seems to me that if one can, with good confidence, reject an item at an earlier stage (e.g RCPT), then it's good to do so. (Although I know that not everyone is of that opinion.) > It should be a combination of factors. When we started using spamassassin's URIBL features with their standard scores, someone sent me a bona fide mail which mentioned a single URL that just happened to be listed in pretty much every one of the URIBL lists. The score for each of them was quite small, but in aggregate they pushed the score over 8.0 and the mail was rejected, even though there was no other feature in the mail that categorised it as spam. I revised the URIBL scoring with some META definitions so that, although a URL being listed in more URIBLs would still raise the score somewhat, it was less than additive, and could never go over 8.0 for that cause alone. > How would you ensure that bona fide email does not get rejected by > Exim using URI blacklists? "Ensure" is a strong word. This whole activity is inevitably a compromise. But mail delivery is not guaranteed. As long as there is a positive rejection during the SMTP transaction (not just dropping mail silently into a black hole, which in my opinion is an appalling thing to do), then the occasional false positive is something that the world has to learn to live with. Naturally, one tries to minimise their occurrence! best -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
