procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Best spam scoring system for domain's mail

2003-05-02 06:48:23
from [Jerry Shenk] [Permanent Link] 
Hmmm....interesting problem with the 'steamy e-mail' there...yeah, I really
don't want to know that;)

I've got SpamAssassin and Mailscanner set up.  I've set it up to modify the
subject of suspected spam instead of deleting it.  The user can put in a
rule saying trash everything with that tag or use the grading feature in the
headers.  I've also got it set to strip a ton of attachments...that bad
stuff like .reg, js, .exe, .com and more.  The one thing I did do that's a
little risky I guess is convert all html to text.  That will block e-mails
file links and the associated username/NTLM_hash collection, hostile web
pages, etc.  It will probably also screw up some people's really nicely
formatted HTML e-mail....might get some complaints about that.


-----Original Message-----
From: procmail-bounces(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
[mailto:procmail-bounces(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE]On Behalf Of 
Tyler F.
Creelan
Sent: Thursday, May 01, 2003 4:02 PM
To: procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
Subject: RE: Best spam scoring system for domain's mail


Jerry Shenk wrote:


and then SpamAssasin can score the incoming e-mail and then delete
some in an attempt to at least get rid of the most flagrant cases of
"inappropriate" e-mail.


Usually system-wide spam filters merely tag the message as spam,
rather than delete or reroute the message. Indeed there are laws in
some countries which prohibit the latter. Here are some descriptions
of more problems with the latter approach:

"In theory the positive message could also be deleted or placed in a
folder for review by the sysadmin, but as legitimate email is
sometimes tagged positive, this could violate the user's privacy. For
example, if spamassassin tagged a steamy letter from your girlfriend
as spam, you wouldn't want the admin reading the letter and forwarding
it on to you.

Another guideline established on site-wide spam filtering is to
provide users the means to opt out. For example, most users don't
receive a lot of spam and it would be annoying if one of their
friend's or business associate's emails were consistently flagged as
spam. Mandatory spam filtering also constitutes a kind of censorship
in that messages containing certain phrases, or manners of expression
(ie typing in all caps), are usually flagged.

It's ultimately up to the business/organization, but most people try
to balance spam filtering with user privacy and freedom of speech.
Observing the "tag and forward" and "opt-out" policies help to achieve
this."

TFC

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail



_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  rule stopped working, Raven
Next by Date:  Re: Best spam scoring system for domain's mail, Andrew Edelstein
Previous by Thread:  Re: Best spam scoring system for domain's mail, Professional Software Engineering
Next by Thread:  Re: Best spam scoring system for domain's mail, LuKreme
Indexes:  [Date] [Thread] [Top] [All Lists]