I'm confident the lack of white listing within SB is fine. The ability to spoof addresses makes the concept of white and black lists a waste of time.
As an example, my own name is being used to send ME email. Three times every month I allegedly send myself email, from servers overseas, attempting to sell myself very cheap Microsoft software and watches. That mail is also going to some of my co-workers. If my co-workers were to white list my name, they would continue to receive the junk mail. If they blacklist me, they won't get any of our business mail. Only the SB approach of training on the total message content can address the problem of spoofing. Thanks to Tony and the others for putting together a GREAT solution. ____________________________________ Harold Vandeventer Network Administrator DPRA Incorporated 200 Research Dr Manhattan, KS 66503 Voice: (785) 539-3565 ext 1026 FAX: (785) 537-0272 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bryan D. Andrews Sent: Monday, April 18, 2005 2:37 PM To: Skip Montanaro Cc: [email protected] Subject: RE: [Spambayes] Feature Request Don't you agree that you should be able to whitelist everyone you are doing business though? Do you not think this would make a great addition? Thanks. -----Original Message----- From: Skip Montanaro [mailto:[EMAIL PROTECTED] Sent: Monday, April 18, 2005 11:10 AM To: Bryan D. Andrews Cc: [email protected] Subject: Re: [Spambayes] Feature Request Bryan> I literally get so much spam now that I cannot even *think* about Bryan> looking in the junk folder -- I just have to trust... the junk Bryan> suspects is getting this way as well... Hmmm... How large is your junk suspects folder that you can't at least skim it? Shifting gears a bit, I think it would be worthwhile for all organizations to at least look at greylisting as a way to reduce the amount of spam entering their networks. Take a look here: http://www.greylisting.org/ I happen to use postgrey with postfix as my weapon of choice. On March 25th I started using this setup. This graph shows the number of messages SpamBayes has had to classify since early last November: http://manatee.mojam.com/~skip/sb.png Note the huge drop in mail it classified as spam after March 25th. By my crude calculation I've seen a drop in spam reaching SpamBayes by a factor of four to five, about 1540 per day over the first 20 days of the graph's period and about 330 per day over the last 20 days. Note that these numbers are for the email received by one person, not an entire organization. Eliminating the high-scoring spam which is simply discarded (that scoring >= 0.80), I'm left with about 30 messages classified as spam per day that need to be scanned and about twice as many unsures. Those numbers may just be artifacts of the train-to-exhaustion regimen I use or misclassified mails in my training database. At any rate, they are small enough for me to skim quickly at various times during the day. Anecdotally, SpamBayes seems to be doing a better job classifying the mail I do receive (60 unsures per day notwithstanding). My theory is that eliminating entire classes of spam (mostly that sent by virus-commandeered Windows machines) probably reduces the variability in the spam that does get past postfix, so spam is easier to properly classify. I realize a postfix mail server is probably not in the cards for everyone. If you're a Microsoft customer I suggest you start leaning on them to add something similar to their SMTP server product. -- Skip Montanaro [EMAIL PROTECTED] _______________________________________________ [email protected] http://mail.python.org/mailman/listinfo/spambayes Check the FAQ before asking: http://spambayes.sf.net/faq.html _______________________________________________ [email protected] http://mail.python.org/mailman/listinfo/spambayes Check the FAQ before asking: http://spambayes.sf.net/faq.html
