[SASAG] spam filtering

Kurt Buff kurt.buff at gmail.com
Tue Jun 13 15:01:04 PDT 2006

On 6/13/06, Eric Kahklen <eric at kahklen.com> wrote:
> I am looking for suggestions on what people have found useful in
> decreasing their incoming spam.  I've implemented a number of options in
> Postfix which helps a little, but I need to get a little more agressive
> without deleting legitimate email.  Free software is ideal, but if it
> costs money that is fine too especially if its less time to configure
> and manage.
> Thanks,
> Eric

For my company, I've implemented a FreeBSD box running
postfix/amavisd-new/spamassassin/clamav. For a company of around 300
people, I'm quarantining roughly 6500 emails per day (which the users
don't see unless they request it, which has happened twice in the past
3 years), and marking as spam (but passing them on) nearly the same
number. Roughly the same number of inbound emails are passed on
without being marked as spam, and I know that a small percentage,
perhaps 1-2% of those are really spam, but I do train Bayes regularly.

I have to be careful of using hard RBLs, because of the international
nature of our business, but have found that the rulesets posted in
various places (mostly the SARE rules on www.rulesemporium.com) to be
extremely helpful. Keeping current with the version of SA is very
important, and so is keeping your 3rd-party ruleset - there's a script
called 'rules du jour' which helps a great deal with that.

The box itself is an old Dell PE 1300 with dual 500MHZ procs and 1GB
of RAM and a mediocre SCSI drive, and it doesn't really breathe very
hard. I'm going to be migrating to new hardware, though, because I
want better redundancy. I'm also going to be using that as an
opportunity to get my versions current, which will help with the
numbers above.


More information about the Members mailing list