On 06/03/2018 04:42, Luis E. Muñoz wrote:

> I would argue that the current scores work very well for default installs.

My experience shows otherwise 

>> That would be acceptable :)
> I disagree. Knee-jerk changes to rule scores based on a single report that 
> contradicts what others are seeing is detrimental to the stability of SA. I'm 
> either responsible or consult for filters that process ~10 million messages 
> per day at a few corporate organizations where SA is used extensively in

only 10 million a day? thats not much, my experience is with large
national ISP's, wjhere we have to cater for  all types, techies, nerds,
mums and dads, and grandparents who do nothing more than send email or
skype, as well as businesses, hosting servers run teh same rules
residential systems use, these have been refined over a great number of

> both the inbound and outbound. Not a particularly large number nor more than 
> a few samples. Yet in all those cases I keep the default IADB scores in place 
> as they work well with our rule sets. The only message that was marked as 
> spam and triggered one of the IADB rules in my archive was sent by an 
> ex-customer of the IADB.
> Based on my data, I'm seeing more false positives from other rules -- yet I'm 
> not proposing to change the default SA configuration because of this. I 
> understand that factors such as geography or my user base change 
> effectiveness.

false positives from bad guys scoring is one thing, being over reaching
with whitelisting scoring is another,  trust can only be earned, who I
trust will differ from who you trust, and so on, its why we score 0 many
common whitelist rules 

Kind Regards, 

Noel Butler 

                This Email, including any attachments, may contain legally 
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF [1] and ODF [2] documents accepted, please do not send proprietary
formatted documents 


[1] http://www.adobe.com/
[2] http://en.wikipedia.org/wiki/OpenDocument

Reply via email to