From owner-freebsd-security@FreeBSD.ORG Thu May 13 05:46:43 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9FA9B16A4CE for ; Thu, 13 May 2004 05:46:43 -0700 (PDT) Received: from web.gwds.net (web.gwds.net [64.49.223.228]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA47D43D3F for ; Thu, 13 May 2004 05:46:42 -0700 (PDT) (envelope-from jstephen@gwds.net) Received: from [192.168.254.145] (computrain-client-sycamore.2gaap.net [63.89.77.233] (may be forged)) (authenticated bits=0) by web.gwds.net (8.12.11/8.12.11) with ESMTP id i4DCkf26096959 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 13 May 2004 08:46:42 -0400 (EDT) (envelope-from jstephen@gwds.net) From: James Stephenson To: z3l3zt@hackunite.net, freebsd-security@freebsd.org In-Reply-To: <1886.213.112.193.11.1084410012.squirrel@mail.hackunite.net> References: <1886.213.112.193.11.1084410012.squirrel@mail.hackunite.net> Content-Type: text/plain Message-Id: <1084452400.726.26.camel@spongeworthy> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Thu, 13 May 2004 08:46:40 -0400 Content-Transfer-Encoding: 7bit Subject: Re: How do fix a good solution against spam.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2004 12:46:43 -0000 On Wed, 2004-05-12 at 21:00, Jesper Wallin wrote: > I've checked the configuration file for SpamAssassin, but yet I havn't find any good > solution for spam.. Sure, spam will always be a problem and I guess it's impossible to > filter 100% of all spam.. Jesper: I recently switched from SpamAssassin to an open source program called DSPAM (http://www.nuclearelephant.com/projects/dspam/). It works differently than SpamAssassin in that it processes each message that comes in and creates a DSPAM Signature, which it puts in the header of each e-mail, along with headers specifying whether it thought the e-mail was spam or innocent, and the spam probability of the e-mail. DSPAM starts off without filtering out anything, but the way it works is through "training." You set up an e-mail alias for all your spam and false positives on your server, and you forward spam that wasn't marked as spam to the spam alias, the same for false positives. DSPAM then checks the e-mail for any existing DSPAM signature, matches it against a database, and records what you marked it as. It then uses the Bayes algorithm of probability to detect any incoming e-mail's likeliness of being considered spam based on your habits of marking spam. It works extremely well, but it takes a while to train. I've had mine up for three days now, and it is increasing in accuracy with each day. You just have to make sure that you forward all your e-mails to the spam alias when you receive them, and all false positives as well, or else it will be worthless. Check out the web site, maybe it will help explain it a bit more. One note - the documentation is not that good, so set up could be a bit of a hassle. James Stephenson