Hello Martin Sorry for the delay in answering.
I answer this mail again in this mailinglist, as this thread startet here. Now I will start using the new mailinglist for spam stuff. Martin Blapp wrote: > > So if a customer want spam filtering it will do a really great job, > > probably without any special tuning for swiss spammers. ;) > > I can not agree here. German spams are not catched at all. Without additional > rules german spam comes through unfiltered. We use the excellent german ruleset > http://www.exit0.us/index.php/GermanRules with some additions and corrections. I had a running SA 2.63 only about a day when I did my writing above, but still all the german speaking spam I got was catched without special rules. But as I use SA only on a smaller server and only with milter, I have probably trained my bayes filter very well, and they get always almost enough points. But sure, your milage may vary, it depends a lot of the other mails you get and how the bayes filter is trained (at my server mostly automaticaly). > You also want to catch the stupid 'virus has been removed messages' for > netsky and friends. See http://www.exit0.us/index.php/RulesDuJour. Thanks for this links, improving mail filtering is always good. > Additionally we experienced that the bayesian filter slows down > after ~ 1000000 mails and gets ineffective, especially for english > business mails. There needs to be a way to use autotraining and clean up > old stuff. Maybe I should RTFM :-) I haven't done ether, because at the moment it is running quite nice. I had to put in a rule for the stopshop "informations" yesterday, from which one mail just got under 5 points (some 4.x points). > The RBL's are the most important thing to use. And the second thing we use I don't think so, they are helpful, but sometimes produce also false postives. With the old SA 2.55 I scored most of them higher, whit about 3 - 4 points, sometimes user of hispeed which are using the smtp-relay got cachted as spam for the current address the used. But with SA 2.63 the rules for this seems to be much better and score differently. I guess the external tests like DCC, Razor and Pyzor also do a great job. With the reporting and counting of a fuzzy checksums of the email real mass spam is cachted very easy. But in the end it is the summary of tests like SA does and helps to catch the spam. > is a list of spam advertized sites collected by ourself. Currently we have > 7500 sites in there. Oh, this is a lot, at the office (where still SA 2.55 is running, upgrade is pending) we had also added some URL check rules, recently the redirect through rd.yahoo.com and rds.yahoo.com, but SA 2.63 cachtes this as well. bye Fabian _______________________________________________ swinog mailing list [EMAIL PROTECTED] http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
