Post #102,425
5/18/03 1:40:32 AM
|
Spam filter that works
[link|http://www.infoworld.com/article/03/05/16/20TCspam_1.html|http://www.infoworld...6/20TCspam_1.html]
|
Post #102,431
5/18/03 4:36:22 AM
|
Two points
KFC: the article revers to SpamBayes. \r\n\r\n One: Spamassassin includes Bayesian methods these days. \r\n\r\n Two: Spamassassin needs regular updating -- its rules are under constant refinement. For this reason, one-time installs of spamassassin, or running SA on systems which don't readily support updating, means you're going to lose a significant amount of the advantage it provides. Score another point for Debian. \r\n\r\n SpamAssassin is available and/or proxied for numerous platforms.
--\r\n Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]\r\n [link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]\r\n What part of "gestalt" don't you understand?\r\n [link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.\r\n \r\n Keep software free. Oppose the CBDTPA. Kill S.2048 dead.\r\n[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html]\r\n
|
Post #102,454
5/18/03 4:11:21 PM
|
3 - I'm using the Python / Windows version
Given an MS Exchange platform, a WinXP client, and Outlook, what SpamAssasin woult I use and how would I interface to it?
Note: I am not allowed to front end the Exchange server with anything that touches the email on the way to it.
|
Post #102,464
5/18/03 6:24:25 PM
|
Easy answer
I don't care. \r\n\r\n Not my problem. Not my email setup.
--\r\n Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]\r\n [link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]\r\n What part of "gestalt" don't you understand?\r\n [link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.\r\n \r\n Keep software free. Oppose the CBDTPA. Kill S.2048 dead.\r\n[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html]\r\n
|
Post #102,508
5/19/03 6:55:38 AM
|
Looks like I've pushed a button
I'm not in general corp tech. I do the data.
I have some control of my technology, but only where it relates to my data projects.
I HAVE to use a specific setup for email. A LOT of people use this same setup.
So I post a helpful hint on how to make life a bit better and you come evangelizing. Yet you are not helpful, only: nyah nyah.
Is this just to annoy me for the fun of it? OK, I can accept that, it can be fun.
Or is there some deeper problem here, be it with me or you?
Would you feel that my original comment is of no use to anyone?
My gut feel is you read the initial post, decided that it didn't satisfy your Debian holy war agenda. You kicked in your 2 cents. When I responded, you realized you were of no use (a rare occasion for you, but it happens to all of us), so kicked off the snide remark and forgot about it.
As Greg pointed out to me years ago when I was spouting off anti-M$ stuff, he was quite comfortable using all of it, since you need to be able to make the best use of all the tools you have available. Am I so wrong at least trying?
|
Post #102,547
5/19/03 10:37:37 AM
|
That and...
A few seconds with AlltheWeb or Google will turn up several leads. \r\n\r\n You're pulling a Norm.
--\r\n Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]\r\n [link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]\r\n What part of "gestalt" don't you understand?\r\n [link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.\r\n \r\n Keep software free. Oppose the CBDTPA. Kill S.2048 dead.\r\n[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html]\r\n
|
Post #102,635
5/19/03 7:11:36 PM
|
oooo ooo ooo a norm!
Arrggggg.
hmmmmm.
No.
The wonders of Google are great when you have a firm direction. I accept reading pointers with pleasure. But Google is a huge time sink of conflicting and out of date information when you wander possibilities.
As Greg has seen, I dove into SAP-DB enough to get a realistic feel for it, and did a lot of research on my own.
I come here for a point of view. People who have been there and done that and can give guidance. Sometimes I take it (sqsh) sometimes I don't (debian)
In this particular case I stumbled across something that was immediately useful and decided to share. You didn't like it, gave a no information message, and got a bit nasty.
That's OK. I forgive you.
For my consulting that does NOT use Exchange, this looks very nice: [link|http://sourceforge.net/projects/popfile/|http://sourceforge.net/projects/popfile/]
|
Post #102,886
5/21/03 1:35:46 AM
5/21/03 2:35:40 AM
|
OK
Apologies -- I was taking the usual cheap shots at Exchange at your expense. \r\n\r\n Given that I don't rely on Exchange (though it's what's used at work, I maintain my own email for virtually all my communications needs), I don't have immediate familiarity with what it can do, and (as may have been evident) don't particularly care. I consider it broken by design. \r\n\r\n That said, I've followed the SA discussion enough over the past year or two to know that there are some integrations with Exchange possible, though this is largely by reputation. I believe the two most common approaches are a commercial package incoporating SA as a locally-managed filter, and a proxy subscription service which runs your mail through Spamassassin prior to it hitting your Exchange server (or in part of the delivery process). In both cases, you've got the problem of having SA run at a distance from your mailbox, meaning it's harder for the individual user to tune preferences. \r\n\r\n My own configuration is fetchmail => exim => procmail (invoking spamassassin) => mutt. The procmail rules incorporate a whitelist / blacklist / spamlist setup, where whitelisted senders are passed straight through, blacklisted senders go to a blacklist box, and spamlist senders are automatically treated as spam (useful for commercial mailing lists / newsletters I never signed up for). While relatively complicated, the advantage is that I control when spamassassin is triggered, and what I do with the trapped spam (it's filtered to a spam mailbox for further evaluation, as well as automatically reported, over a threshold, to spam reporting services). I explicitly don't run spamassassin on mail from whitelisted senders (avoids embarassing accidents), etc. And it's trivial to add addresses to an appropriate list. \r\n\r\n My experience in running SA as an MTA-level service for a large userbase (~15k accounts) was that it was useful, and set at a threshold of 10 would eliminate about 85% of spam, with very few false positives. However both accuracy and effectiveness increase as you move the control locus to the user. Unfortunately, so does complexity, and the potential to opportunistically deny spam at the mailserver, or better, tie up spammer resources. Me? I like the power and flexibility (literally: can bounce mail anywhere, run any program, log anywhere, with comparative ease). I can see that others might be overwhelmed. And yes, I've royally fscked up my procmail recipies on occasion.... \r\n\r\n Of end-user tools, the stuff I've seen regarding Bayesian tools and Mac stuff seems the best thought out and friendliest to Joe and Jane average. While there may be tools that can tie in to Exchange, the interface in general is too limiting to be readily effective. \r\n\r\n ....some of this would have been evident from Google. But not all. And in fairness to Norm, he can't help himself. I was pulling a Ross, though, and while I'm pretty sure Ross should know better, I'm positive I do. \r\n\r\n My bad. Apologies. \r\n\r\n ....not that I didn't think you could handle it ;-) \r\n\r\n\r\n Edit Oh, and I wanted to add -- tseliot's writeup is tres good.
--\r\n Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]\r\n [link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]\r\n What part of "gestalt" don't you understand?\r\n [link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.\r\n \r\n Keep software free. Oppose the CBDTPA. Kill S.2048 dead.\r\n[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html]\r\nhg
Edited by kmself
May 21, 2003, 02:35:40 AM EDT
|
Post #102,906
5/21/03 6:38:33 AM
|
Thanks for the explanation
|
Post #102,554
5/19/03 11:04:23 AM
|
Trying get's you
ALOT of good things.
Trying new stuff will always give you a clear idea of what you can and can't do.
I think Karsten is being a bit retentive here... but he does that sometimes.
Ignore that troll behind the curtain, he means nothing.
[link|mailto:greg@gregfolkert.net|greg] - IT Grand-Master for Anti-President | [link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!] |
THEY ARE WATCHING YOU. The time has come for you to take the last step. You must love THEM. It is not enough to obey THEM. You must love THEM. PEACE BEGETS WAR, SLAVERY IS FREEDOM, STRENGTH IN IGNORANCE.
|
Post #102,492
5/19/03 1:11:47 AM
|
Sounds like you're screwed.
Given an MS Exchange platform, a WinXP client, and Outlook, what SpamAssasin woult I use and how would I interface to it?
Note: I am not allowed to front end the Exchange server with anything that touches the email on the way to it. If it's any help, tell 'em I just put an Exim hub in front of our Exchange 2000 server, specifically for running SA. Whole job took a couple days, most of which was research, getting to know Exim and SA while I wasn't doing other projects. Downtime: 2 seconds to push "enter" twice. FWIW, the client isn't as important as a server that can interface with SA. I suppose you *could* do server-side scripting with MSEX straight to SA, but I wouldn't want to try it. Google for it, I guess, although I couldn't even find anyone who had hubbed like I wanted. If I were you, I'd investigate in detail the "no touchee" requirement and see if there were ways to allay or work around those specific scenarios they are trying to protect against.
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,527
5/19/03 9:13:21 AM
|
What about individual training?
How would that work?
In the case of pop based solutions I've seen, each person gets a web interface into their mail store. They use this to train for their particular preferences.
In our company, we have highly individualistic requirements for filtering.
Since we do junk mail (printed), the body of a very important email might contain ad copy from a client, which means it feels like spam. In the case of the Outlook intefaced SpamBayes, this allows the client reps to train for their particular client, while the rest of the company won't be annoyed.
|
Post #102,539
5/19/03 10:00:12 AM
|
The nice thing about Exim
...it's clean and modular. So your opportunities are (functionally) limitless. You could:
1) Set up a separate SA for such departments. 2) Personalize SA per user, group, what-have-you. 3) Catch addresses, keywords, what-have-you before SA ever gets called.
My solution doesn't uses POP at all. It gets mail from the outside, pipes it through SA, then routes it on to Exchange with no other modifications. Keep in mind that SA by default does not delete anything, and it's not client-based at all.
Quick reply, I know, but I have to get to work! :)
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,589
5/19/03 1:55:39 PM
|
Okay, I have time for more detail now
> What about individual training? > How would that work?
I assume you mean "training" in the sense of "training the Bayesian filter"? There are several aspects to SA's bayes process:
1) The usual training from individual emails. SA has mechanisms to traverse a folder full of ham or spam (mbox, maildir, etc), and incorporate it into the statistical db. You can also do that for a single mail item from the command line. So, for example, I've got an Exim director/transport pair which receives mail at spam@mydomain.com (from internal senders only) and adds it to the SA db via the latter mechanism. Ditto for ham. This is for false positives/negatives.
2) White/blacklists. This is my next project: allow people to forward ham/spam to another pair of local addresses, and have the original senders black/whitelisted. This is a bit more work, and I may just screw the mail parsing of embedded headers and go with a web interface.
> In our company, we have highly individualistic requirements for filtering. > Since we do junk mail (printed), the body of a very important email might > contain ad copy from a client, which means it feels like spam. In the > case of the Outlook intefaced SpamBayes, this allows the client reps to > train for their particular client, while the rest of the company won't > be annoyed.
3) You can override the system-wide scoring, both Bayes and hard-coded, with user config files. In the case of a mail hub, you could group certain recipients together to use a common config file.
Again, SA on my setup runs as an add-on "service" to Exim, which has its own mechanisms for rejecting/accepting mail. In other words, SA is not embedded/compiled into Exim. Exim invokes SA as scripted. You could use any number of means within Exim to accept mail from known clients without passing it through SA at all. Exim uses a transport to invoke SA processing; certain directors send mail on that transport; other directors do not.
When I get around to writing an auto-whitelist tool, I'd be happy to share it with you. Configuring Exim to use SA can be examined at e.g.: [link|http://dman.ddts.net/~dman/config_docs/exim3_spamassassin.html|http://dman.ddts.net...spamassassin.html]
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,736
5/20/03 9:14:23 AM
|
Thanks
I'm doing a bit more on the possible front-ending issue. Might be doable in a little while.
|
Post #102,829
5/20/03 3:59:24 PM
|
Full writeup on Exim and SpamAssassin as Exchange front end
[link|http://www.aminus.org/rbre/work/eximhub.htm|http://www.aminus.or.../work/eximhub.htm]
Comments welcome.
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,843
5/20/03 5:46:22 PM
|
Thanks to you...
I like this. This is GOOD stuff...
Love it.
[link|mailto:greg@gregfolkert.net|greg] - IT Grand-Master for Anti-President | [link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!] |
THEY ARE WATCHING YOU. The time has come for you to take the last step. You must love THEM. It is not enough to obey THEM. You must love THEM. PEACE BEGETS WAR, SLAVERY IS FREEDOM, STRENGTH IN IGNORANCE.
|
Post #102,846
5/20/03 6:08:56 PM
|
Thanks! (plus, I added the .css file I forgot to upload)
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,858
5/20/03 7:21:40 PM
|
Coming soon to knight?
===
Implicitly condoning stupidity since 2001.
|
Post #102,876
5/20/03 10:41:43 PM
|
Ummm...
Why, yes indeedee. Soon too.
[link|mailto:greg@gregfolkert.net|greg] - IT Grand-Master for Anti-President | [link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!] |
THEY ARE WATCHING YOU. The time has come for you to take the last step. You must love THEM. It is not enough to obey THEM. You must love THEM. PEACE BEGETS WAR, SLAVERY IS FREEDOM, STRENGTH IN IGNORANCE.
|
Post #102,855
5/20/03 7:16:11 PM
|
THANKYOU!!!
Great stuff
|
Post #102,856
5/20/03 7:17:34 PM
|
Great, but...
... why isn't it in the twiki...? ;-)
Regards,
-scott anderson
"Welcome to Rivendell, Mr. Anderson..."
|
Post #102,857
5/20/03 7:21:24 PM
|
Ouch.
Because I wanted the page to look good and be readable? >:)
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,859
5/20/03 7:23:41 PM
|
You can use the same HTML there...
Regards,
-scott anderson
"Welcome to Rivendell, Mr. Anderson..."
|
Post #102,952
5/21/03 10:58:06 AM
|
--Document got minor edits this morning
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,981
5/21/03 3:44:24 PM
5/21/03 3:48:29 PM
|
Comments unwelcome
..in the (otherwise nice) text. In the context of a screed, inline comments like "uh...system" just make you look like another kook. Yes Exchange is a piece of shit. Everyone knows that.
(GRATUITOUS USE OF cat WARNING - section "Turning it On")
-drl
Edited by deSitter
May 21, 2003, 03:48:29 PM EDT
|
Post #102,999
5/21/03 5:41:10 PM
|
I've adapted my message to my audience...
most of whom are, like me, tired of Exchange and are looking for better alternatives. Using Exim and SA as a front-end to Exchange is a first step for me and them to eventually replace Exchange entirely. As far as I'm concerned, people who take offense at such comments can go jump in a lake--they're not intended or welcome as the recipients of my labor. All of which is to say, I think you've misinterpreted my intended audience.
On the other subject, do you have a preferred alternative to the "cat"? Involving < perhaps or should I try to divine your solution with bones and chicken entrails?
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #103,027
5/21/03 9:20:16 PM
|
Re: I've adapted my message to my audience...
"grep --with-filename expr filename_pattern" usually works. stdin and all that.
As for intended audience, it should be people who are cemented to the POS Exchange - why try to convince the convinced?
As for "gratuitous use of cat", that's an old UNIX dig. You're guilty. Fess up.
-drl
|
Post #103,041
5/21/03 10:22:12 PM
|
Thanks for the explicitness
> "grep --with-filename expr filename_pattern" > usually works. stdin and all that.
Thanks.
> As for intended audience, it should be people who are cemented > to the POS Exchange - why try to convince the convinced?
I think what I was trying to say before was that I didn't put this document out there to convince anyone of anything. It's there to help people who are already convinced, and are looking for How To Do It, since there is precious little of that in the MTA crowd specifically, and the sysadmin crowd in general. If people aren't already convinced that Exchange is a POS, then my little HOWTO document is not the place to try to convince them. Attempting such makes me look like a kook. ;)
> As for "gratuitous use of cat", that's an old UNIX dig. > You're guilty. Fess up.
Well, if I were an old UNIX'er, I'd do so. :) I learned on Apples and am employed on Windows. UNIX, I'm still leraning about. So again, thanks for the tip.
Many fears are born of stupidity and ignorance - Which you should be feeding with rumour and generalisation. BOfH, 2002 "Episode" 10
|
Post #102,526
5/19/03 9:11:10 AM
|
Sounds like the ACE system here.
Advanced Computing Enterprise
MS Exchange, XPpRo client, Outlook. Web sites blocked if deemed "inappropriated" (i.e. WebShots). Auto "updating" of the desktop software, to include the screen saver.
SO far IWETHEY hasn't been blocked...
[link|mailto:jbrabeck@attbi.com|Joe]
|