On Wed, Aug 21, 2013 at 11:49:04PM +0200, Szládovics Péter wrote: > 2013-08-21 23:21 keltezéssel, Jan-Frode Myklebust írta: > >On Wed, Aug 21, 2013 at 01:23:45PM +0200, Szládovics Péter wrote: > >>SOGo is not a mailserver. SOGo just an groupware extension for _any_ > >>mailserver backend. > >>So, the question is not the antivirus and antispam for SOGo. The > >>question is antivirus and antispam for mailserver. > >Antispam has a place in SOGo too. I'd like to have an interface for the > >users to select how strict the spam-filter should be by integrating > >with sieve-spamtest/rfc5235. > > > >Maybe a "block sender" function, that pushes out a sieve script to the > >server to drop/move-to-Spam messages from a given sender. > > > >Also it would be nice if the SOGo webinterface had a Spam/not-spam > >button that would move messages to/from the Spam-folder. This could be > >used by http://wiki2.dovecot.org/Plugins/Antispam to train the filter. > > Block senders? > How many senders need to block for correct spam filtering. > One node of one zombie network sends about 100 thousand spam emails > per day with randomly generated senders. Are you sure, you can > stopped them with this feature? I don't think so.
Blocking sender is a helpfull feature against other kinds of spam than zombie networks.. F.ex. real businesses that picked up your email address during a website registration, and thinks that that's an invitation to be put on their advertising list. > Example. > My mail host gets about 250-300 clean, real mails per day (total > incoming mail traffic is about 2000 mails/day - yes, 80-90% of them > are absolutely spam). We deliver about 500.000 supposedly clean mails/day to our users inboxes, after virus/spam/greylisting/etc has done it's thing. > The SA drops 5-10 mails into the quarantine per day (newsletters, > advertisements, badly formatted mail contents - really spams, very > rarely few false positive good mails). On our scale, managing a single quarantine doesn't really work, so we rather deliver the suspect messages to the users Spam-folder and give them an opportunity to check for false positives. > All of others are back off to senders. Be careful with that, so you don't get on the backscatter lists.. > > The successful fight with spams there is at the gate, not at the mailbox. At the gate we can do general filtering, but we can't train a general filter to suit 100K's of users. A spam-filter individually trained (and customized) by each user can be much more effective. Training can be done by moving messages to/from Spam-folders, customisations can include blocking senders, or tuning spam-score. -jf -- [email protected] https://inverse.ca/sogo/lists
