Thomas Barth <tba...@txbweb.de> writes: > Am 2024-05-11 21:54, schrieb Bill Cole: >> I have no idea who the Debian "spam analysts" are but I am certain >> that they are not doing any sort of data-driven dynamic adjustments >> of scores based on a threshold of 6.3 nor are they (obviously) >> adjusting that threshold daily based on current scores. > > I found the passage in my old Postfix book. The author writes: "It is > recommended not to carelessly set the value of $sa_kill_level_deflt to > any fantasy values. The score of 6.31 is not arbitrarily chosen, but > the statistically calculated optimum for the best possible spam filter > rate with as few false positives as possible. If you increase the > value, more spam will get through; if you lower it, your false > positives will increase."
The comments about adjustments are true, but the idea that it is optimum is flat-out nonsensical. The key question is how you weight a false positive compared to a false negative. Only after you decided that can you pick an optimium, for a given corpus of already-received mail. > It may be that the value is outdated, but that is for the maintainers > of the relevant Debian package to decide. I'll just adapt my rules to > this one value. That is an odd position. It is very easy to set the threshold in a local config. Deciding instead to adjust scores to an oddball threshold seems bizarre to me. Personally, I don't use the 5, but instead have shades of grey, where >=1 is binned into mailboxes that are "maybe spam" through "very likely" spam, and at some score, I reject at the MTA level. I find that legit mail shows up in e.g. spam.2 (>= 2 and < 3), but it is almost never mail that I would be upset to have missed (but I don't) or mail that I would be upset to not get in a timely manner (I only see it every day or so). However, this really drops the FN rate of spam in my INBOX, which matters a lot to me. Basically I consider a FP into my "spam.1" mailbox, as long as it isn't really important to me, to be not a big deal at all, and I'd rather have 10 or those than 1 FN in my INBOX. But, actually MTA-rejecting mail that I shouldn't, a FP at that level, is a big deal, and I avoid it. I think it's about one message a year -- and while it's ham, it's very spammy ham.
