On 02/10/2014 10:40 PM, Nico Kadel-Garcia wrote:
> On Mon, Feb 10, 2014 at 8:13 PM, Yasha Karant <[log in to unmask]> wrote:
>> Our site has been edicted to Microsoft Exchange server with a Barracuda spam
>> filter.  There are numerous difficulties, one of which is spam not being
>> filtered and non-spam being so filtered (significant increase in mission
>> critical false positives).  At present, the administrative authorities (all
>> of whom appear to be management professionals, not internals nor systems
>> folks) insist on Exchange, allowing open systems standards compliant
>> end-users to have IMAP service.  Given this, what are the best server-side
>> spam filters, either hardware or software?  "Best" should be based upon
>> current field-deployed experience and/or unsolicited external reviews (not
>> vendor-supported "independent" reviews).
> The most effective, and one of the most efficient, spam filters is
> CRM114. It's a Markovian neural net based filter, it learns very well
> from users selecting what is and isn't spam, and normally deployed
> each person winds up with their own tuned and quite independent
> filters, so the spammers can't tune their spam to get past it like
> they do with ClamAV and Spamassassin.
>
> Unfortunately, it's not well packaged for commercial use. Barracuda
> was pretty good the last time I looked, you just had to be aware of
> its limitations and that it requires some ongoing tuning. And very
> basic front end filtering, like activating SPF or or using SPF based
> filtering in front of it, really helps reduce the load.
>
Back when I ran a Barracuda, I found my most effective plan was to 
automatically 'quarantine' any message from a mail server without a 
reverse DNS record and set a fairly low quarantine threshold for 
everything else.  Short of viruses, I didn't delete any email automatically.

Once it was trained, I loved it - but that took a few weeks and oodles 
of time.

Pat

-- 
Pat Riehecky

Scientific Linux developer
http://www.scientificlinux.org/