DCC and false positives

Arjan Melein Amelein at dantumadiel.eu
Fri Nov 29 11:57:35 GMT 2013


I'm getting a few (more then acceptable) false positives where DCC is to blame as the factor for pushing the score over the limit.
Obviously its not just DCC that is causing the bad score, I'm also seeing 50% bayes scores a lot for normal e-mail so I'm thinking our mail server has been flooded by spam filled with normal words (I forgot the term for this) at some point. This is something I also  need to look at and possibly run a bit more aggressive expiration for a while. Any advice on this would be appreciated :-)

Most of the false positives I am seeing have been sent from normal ISP servers and are not (legit) bulk mail which makes me wonder why they are listed on DCC.
People do seem to be getting the habit of sending blank e-mails with just an attachment which isn't helping.
Is anyone else seeing this with DCC ? I've been thinking of disabling it for a while.

-
Arjan



More information about the MailScanner mailing list