Date: Mon, 17 Dec 2007 09:56:16 -0600 From: Eric Crist <mnslinky@gmail.com> To: Jorn Argelo <jorn@wcborstel.com> Cc: girishvenkatachalam@gmail.com, freebsd-questions@freebsd.org Subject: Re: (postfix) SPAM filter? Message-ID: <A6EAB1D6-CB49-4008-899D-51078181C4C4@gmail.com> In-Reply-To: <9cc0a3fa1d403f16f4fc9b2abb49fb75@mail.wcborstel.com> References: <20071216185050.GB26535@brahma.susmita.org> <9cc0a3fa1d403f16f4fc9b2abb49fb75@mail.wcborstel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 17, 2007, at 2:36 AM, Jorn Argelo wrote: > > > On Mon, 17 Dec 2007 00:20:50 +0530, Girish Venkatachalam <girishvenkatachalam@gmail.com > > wrote: >> On 14:48:35 Dec 15, Jorn Argelo wrote: >>> Greylisting only works so-so nowadays. There was a couple of >>> months it >> was >>> very effective, but that is long gone. Spammers aren't stupid, and >>> they >>> follow the development of anti-spam techniques as much as e-mail >>> admins >> do. >>> Greylisting is a start, but from my experience it is not nearly >>> enough. >>> >> >> I have heard this said elsewhere too. > > Yes don't rely solely on greylisting unless you're a lucky guy and > don't get a lot of spam. I hear a lot of people saying that greylisting doesn't work, when I have actual numbers for my network proving it does. These numbers are from the first week of May 2007 to today: Greylisted/Rejected Messages: 187560 Spam Tagged Messages: 3806 Virus Tagged Messages: 0 Bounced Messages: 7 Total Messages Sent: 761 Total Messages Delivered: 25345 So, out of 25,345 messages that have been delivered to mailboxes, 3,806 of them were tagged as Spam by Spamassassin. Guessing at false positives based on what I see in my inbox (I'm the heaviest mail user on my network), about 10% are probably false positives. 25345/187560 = .1351 = 13.51% of email gets past greylisting. ((3806*.90)/25345) = .1351 = 13.51% of that email is considered Spam, which is probably correct. Based on those numbers, 162,215 messages were probably Spam. I'm guess it's Spam, as none of our users have complained that there is legitimate email failing to get through to their inbox. That would be ~88.8% of email hitting my systems is Spam. I would consider greylisting in my case VERY successful. What this doesn't take into consideration, however, is that I truly hate the delay of receiving a message from someone that isn't in the database, and as such, we're working on improving our SA rulesets and getting rid of greylisting. If my math is wrong here, please feel free to correct me, I'm by no means any good at it. ;) ----- Eric F Crist Secure Computing Networks
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A6EAB1D6-CB49-4008-899D-51078181C4C4>