On Wed, 2 Apr 2003, Ed Wilts wrote: > On Wed, Apr 02, 2003 at 09:02:19AM -0600, Jason Cordes wrote: > > I'm using a rbl on my sendmail server here for my company but that has only > > lightly cut down on the amount of spam some of my users get. Is spamassasin > > only used to protect a single persons email or can it be used to protect a > > site? I'm thinking of checking it out but if it cannot really be used to > > protect a site then it's not going to be very helpful for me. > > We've had a large success rate with realtime blackhole lists and block > thousands of messages a day. However, we still see a lot of spam. > > I've done some personal testing with spamassassin and I really don't > like it - the false positive rate was way too high for me.
I'm running spamassassin for moderate sized University with "required_hits" set at 8 (the default is 5) and see a MUCH MUCH larger RBL false positive rate. For example, I will get legit mail that SpamAssassin marks around 6 and the "X-Spam-Status" includes that it hit the RCVD_IN_OSIRUSOFT_COM rule. This means if my MTA was subscribed to blocking based on the OsiruSoft RBL then the legit email would have been blocked. Also, since it got a score or 6 (the false positive in the RBL helps increase the score) if SpamAssassin was at it's default required_hits value of 5 then it would have gotten marked. With using SA with a higher required_hits value, it didn't get blocked or marked. If your conserned about false positives then RBL is the wrong way to go! -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
