CBP: Spam and Virus Handling (was Re: [clug] [AUSCERT ALERT -
Email worm W32.Beagle.A/Win32.Bagle.A])
David Lloyd
lloy0076 at adam.com.au
Mon Jan 19 13:56:04 GMT 2004
Alex,
> I've tried using SpamAssassin for spam* filtering at home, but it
> appears that the Debian maintainer is still packaging really old
> useless rules. The SpamAssassin distribution comes with rules that look
> much better.
>
> The ruleset deployed by Goldweb is particularly effective in labelling
> spam, especially when compared to the Debian package.
I use Spamassassin as packaged by Debian but I customise with these rules:
score MICROSOFT_EXECUTABLE 2.2
score MIME_HTML_MESSAGE 2.2
score MIME_HTML_NO_CHARSET 2.2
score HTML_MESSAGE 2.2
score NO_REAL_NAME 2.2
score BIZ_TLD 1.0
This brings most of the spam up to about 4.4 and my threshold sits between
4.0 and 4.3 depending on how badly I'm being bombed.
However, I aggressively train the bayesian filter especially with the spam
messages.
My training is now picking up the latest spam.
DSL
More information about the linux
mailing list