Unrelated but reminded me I hadn't posted a thanks to all those that responded about the sa-update rules. That's partly because I'm awaiting permission from clients to add their mails to the corpus.
So, thanks all. Apologies for forgetting my manners. Have no clue about Spear Phishing other than it's best to be the one with the spear. :-) On Thu, 17 Mar 2011 04:38:29 +0100, Karsten Bräckelmann <guent...@rudersport.de> wrote: >So this actually is a reply to the last post to your previous thread >"how to disable network tests". Merely changing the subject and pruning >the quote from the body -- surprise -- does NOT make it a new thread. On >the up-side, it appears you at least did read (I mean "keep" here) the >thread. Encouraging. > >There has been a lot of help, advice, and questions concerning your >previous topic, however. The down-side. You did not care to even get >back to a single one of them. Very discouraging. > >Do you really expect anyone to care and try to help a single-shot >question you vent on the list again? > >I for one, bloody don't. > > >On Thu, 2011-03-17 at 06:08 +0400, Hamad Ali wrote: >> Hi folks -- wondering if anyone has monitored SA's performance against >> phishing mails. SA is able to detect 86% of phishing emails my clients > >So you got paying clients. But won't communicate with the community. > >> get, with 0.5% false positives on all the ham. It seems non-phish-SPAM >> is easier to be detected than phish (~99% for non-phish spam). Probably >> I need to participate on nightly checks to improve phish and lower >> false positives. > >Participating in the mass-checks!? Without any communication (hint, two >ways) at all? I don't see that happening.
