Spam Filters

[derek / nul]

look.

I'm tried k9 too, I find the blacklist pretty useless and slow. Bayesian
filters are generally sufficient to reach 99.5++ level.

You are quoting from a personal level.
The corporates use and like the blacklists.

To say they are useless is very shortsighted.

 

[Aaron]

On 5 Mar 2005 18:45:24 +0100, Aaron


You are quoting from a personal level.

Of course, that's at the level we are talking about. k9, POPfile,
mailwasher etc are all home user products.

The corporates use and like the blacklists.
To say they are useless is very shortsighted.

To try to discuss about corporate mailservers, when we are talking about
homeuser products like k9 is very shortsighted.

 

[Matt]

1. the list contains more home pc's that it does servers,
2. each list owner updates their own,
3. the contents of the lists a moving target.

The blacklists vary considerably in their makup, policy, administation
etc.

Some of the better ones use a spamtrap/honeypot system, so that where
spammers have the spamtrap in their list, the trap is triggered, and
the offending address blacklisted automatically for a set time -
described as an "easy-on / easy-off" list.

Other lists block IP ranges ( a class C or larger ).

Some (not recommended for general use) us highly opinionated criteria,
and may block entire address ranges of ISPs that they consider not to
be acting to resolve spam.

Another very useful trick, is regex filtering (as in Spampal)
My preferred target in spambashing, is to use headers only, so that
the body can be dumped with a "delete from server" action.

 

[Fuzzy Logic]

Is there an efficiency difference between the three types?

Yes. For example our server side filter quarantines all suspected spam and
sends out a single message listing suspected spam. This mean that instead of
downloading approximately 200 spam messages a day I only download 1 report.

A proxy filter also can block messages so that they won't need to be
downloaded. Some are more effecient than others.

The least effecient will be one in the client (built in or a plugin) as the
messages all need to be downloaded from the server before the filters can
process them.

 

[roadster3043]

Yes. For example our server side filter quarantines all suspected
spam and sends out a single message listing suspected spam. This
mean that instead of downloading approximately 200 spam messages a
day I only download 1 report.

A proxy filter also can block messages so that they won't need to
be downloaded. Some are more effecient than others.

The least effecient will be one in the client (built in or a
plugin) as the messages all need to be downloaded from the server
before the filters can process them.

Thanks.



--
Take care.

roadster3043

ICQ 154116780
Yahoo intuxicated
MSN jmfix at hotmail dot com
AIM roadster3043

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

The least effecient will be one in the client (built in or a
plugin) as the messages all need to be downloaded from the server
before the filters can process them.

I use my client to filter most spam after downloading only headers. It
does use my bandwidth, unlike server-side filtering, but not nearly as
much of my bandwidth as would downloading all messages.