At 01:22 PM 1/30/2004, Spyros Tsiolis wrote:

1. spamassassin ! Plain sa installation . What next ? Training ?
    1000 Spam and 1000 Ham ??

Bayes training is a good thing. Ideal is to have a spam/ham training ratio close to what comes into your server in reality. However, considerable variance isn't a problem, as long as it's not wildly wrong..

1000/1000 is a good starting point for bayes training. Just keep try to keep things as close to reality as possible without excessive effort.

2. spamassassin and Invoking spamd instead of
   Can someone still train spamassassin ? From what Don told me
you don't  But I need this clarified. Could someone answer this ?

I'm not familiar with, but people using the spamd/spamc combo CAN train bayes.. you just need to make sure you pass a -u parameter that is a user you can su to before training.

The reason you need to -u is that spamd will fall back to nobody if both it and spamc are called as root. Bayes training normally goes in the user's home dir, but in the case of the user nobody, some systems have /dev/null type homedirs.

3. Say you _DON'T_ train spamassassin and you leave it running
with "spamd"
    and Dons' options. Can someone at least enroll any relevant
mail (ham)
    that is being treated as spam in the whitelist, so they
don't get

I'm not familiar with don's options, so I can't follow the thread here :)

4. This is one of the most serious questions that's been bugging
me for the
last weeks.
    We have Xmail running and people get their ham and spam. Can
    define a simple way of actually grabbing hold of spam and
putting it
onto,say , a
    spam mail account, so then I (the admin) can go and start
feeding the
    (that'd be spamassassin) in order for it live and learn ?

This is actually partly mentioned in SA the FAQ...

In short, forwarding generally doesn't work.. to feed bayes you need a more-or-less _exact_ copy of the message, complete with original, mostly unaltered headers. Some have suggested using bounce/redirect features of some mailclients, others have suggested having user's send them as attachments and stripping them..

If you can set up system that gets you a clean message, you're golden.. Personally, I don't know of anyone doing it, but it is at least theoretically possible.

I don't bother with user-feedback training myself.. it's too much work to make it go.

Instead I have a spamtrap, and a nonspamtrap that I use for training.

I subscribe the nonspamtrap address to some popular legit newsletters my users get. cnn news updates, industry newsletters, etc.. I monitor it for spam, and I never mention it's address anywhere to prevent it from being picked up.

The spamtrap is a collection addresses that I've seeded in example postings to mailing lists that winds up with good clean spam. I might make a post discussing a technical and unrelated issue, and use a made up email address like [EMAIL PROTECTED] as a part of the example. Believe it or not, I'm going to start getting bounces for that address in a week or two. After I'm sure it's all spam (and some undisclosed time has gone by), I'll funnel it into the spamtrap.

I feed both mailboxes to sa-learn daily, along with carefully transferred selections from my own mailbox. (since I'm transferring by hand, this is easier than trying to make a "userproof" automated system)

Two reasons I posted this on the xmail list and not on the sa
list :

a. I use sa with Xmail (good enough for me :-)
b. The sa list never gets a message I send. Same happens here
but sometimes.

Well SA list got your post this time, the servers are being _really_ slow this week due to the mydoom worm and other things clogging up the mailservers.

The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
Spamassassin-talk mailing list

Reply via email to