Amazing amount of SPAM getting through
Collins, Kevin
KCollins at NESBITTENGINEERING.COM
Wed Aug 20 13:06:12 IST 2003
Last night I set our MailScanner machine to handle 100% of our e-mail
traffic. It immediately began sifting through our e-mails. I was surprised
by three things:
1). We get much more e-mail than I expected - about 600 a day from the
looks of it.
2). That Sobig.F is moving so quickly - MailScanner caught 44 different
e-mails with it yesterday evening. (YAY MailScanner!)
3). Out of the 600 or so e-mails, only 10 or so have been flagged as
"Spam".
I can confirm No. 3 with a simple example - my mailbox. When I arrived this
morning, I had 10 e-mails waiting on me. Of those 10, 9 were SPAM.
MailScanner had only flagged (modified the Subject line with "{Spam}") 2 of
them. If this dispersal is "typical" (which I doubt) that means that
approximately 78% of the SPAM we get is getting through MailScanner.
Don't get me wrong, I'm happy to be able to handle the 22% we are getting,
but this is nothing like the 95% claim that I've seen touted about.
I truly believe this is because of my configuration. I'm using the stock
DNSBLs and rulesets that come with MailScanner 4.22-5. I have been to
http://www.declude.com/JunkMail/Support/ip4r.htm and looked at additional
DNSBLs to add, but not sure which of those would be the best. Any
suggestions?
Another question I have concerns SpamAssassin (SA). Would my SPAM detection
rates go up if I include SA to the mix? Do I need SA to get the 95% rate?
--
Kevin L. Collins, MCSE
Systems Manager
Nesbitt Engineering, Inc.
More information about the MailScanner
mailing list