[Users] BAYES_00 and SpamAssasin love it or hate it?

David Sommerseth dazo at eurephia.org
Thu Nov 30 20:27:05 CET 2017

On 29/11/17 22:59, L. Mark Stone wrote:
> When we use Bayes, we don't let the results be a major part of the scoring.
> I expect others have different, more positive experiences with Bayes!

I have quite good experience with the setup provided via CentOS/Scientific
Linux and packages from Fedora EPEL.  I've tweaked the rules (both amavisd-new
and spamassassin) quite a bit, and Bayes alone is not the main score provider.
 But all together, it works surprisingly well for me.  I'm using this with
Postfix as a front mail gateway with a couple of Zimbra servers behind it.

There are some spam storms which occasionally requires some additional tweaks
before Bayes captures it.  But once got enough seeding, I don't think about it
any more.

Regarding false positives, that is very seldom.  And most of them even makes
me wonder if is spam or ham.

That said, I do have quite strict rules .... so 70% of mail connections do get
dropped before they even reach the spam check.  Good starting points are:

   reject_unknown_reverse_client_hostname,    [1]
   sleep 3,       # Slows down "hammering" from single IPs

 [1] This may require some love and care, there are valid hosts which
     have poor DNS setups which does not do reverse lookup correctly.
     These cases are easily fixed by adding records to /etc/hosts.

In addition comes reject_rbl_client, I currently use:

   - bl.spamcop.net
   - zen.spamhaus.org
   - bl.blocklist.de
   - b.barracudacentral.org
   - psbl.surriel.com

Spamcop, Spamhaus and Barracuda Central are those capturing most of the
spammers; and surprisingly few false positives in my case.  Can't say the same
about SORBS (which I had to stop using).  I have about 30 hosts/IPs enlisted
in a couple of whitelists, which is quite manageable.

Another trick is also to simply block a bunch of Chinese, Indonesian,
Vietnamese and Brazilian xDSL IP addresses in the firewall.

kind regards,

David Sommerseth

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20171130/ce517c75/attachment.sig>

More information about the Users mailing list