On Tuesday, November 22, 2005, 5:54:21 PM, Tech wrote:
|
> |
Pete,
What do we need to do up increase our rulebase strength
I don’t know if it’s just a larger amount of spam messages in general or a larger % of them getting through but I have customer’s complaining
|
I don't recommend increasing your rulebase sensitivity at this time. We've just done a lot of work on the back-end system - so it is difficult to predict what the benefit would be (if any) to nearly doubling the size of your rulebase. Also, as a rule, hyper-sensitive rulbases are reserved for special applications on large systems with multiple MTAs.
In the past we have made rulebase sensitivity adjustments available to smaller systems on a case by case basis but in light of recent changes to our tuning mechanisms I'd like to stay closer to the rule-book for a while and gather more data. I believe that recent changes in our back-end systems will shortly mitigate much of the leakage, and since the tuning engine has also recently been rebuilt it is unlikely that rules in the 0.1-1.0 band are going to provide enough benefit to offset the costs of doubling your rulebase size.
Recently there have been a number of very aggressive days by the "blackhats" and that probably explains what you and others have experienced. This appears to be part of a fairly significant shift in the way spam is generated and the beginning in earnest of a number of new trends that will redefine "how spam is done".
Consider:
This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
