Re: mail filtering
From: Doug (doug.abney_at_pilouisville.nospam.com)
Date: 07/14/04
- Next message: Henry Craven: "Re: Different colored filenames"
- Previous message: SuperGumby [SBS MVP]: "Re: Different colored filenames"
- In reply to: Harry: "mail filtering"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 14 Jul 2004 10:36:29 -0400
We spent a total of about 6 hours to set up our REGEX filters that catch
variations of common spam keywords like V|@gra, set up our white list that
took a couple of hours of typing using *.domain format, added 3 addresses to
our recipient blacklist, and an hour or so to tweak the order that the Real
Time Black Hole lists filter. I anticiapte once a quarter, or more
frequently if available, having to spend 5 minutes or less to import a new
XML file that will update the Real Time Black Hole lists. We'll add new
REGEX filters as we notice new SPAM terms that we didn't catch in the first
wave of filters we set up, but that is a minimal amount of time with the
REGEX generator app that was supplied by a user in the ORF newsgroups.
I have several e-mail addresses that are on large public web sites that I
support. I personally was getting on average 800-1000 SPAM e-mails per day.
I would come in on Mondays to 2000+ if I didn't clean out the mailbox over
the weekend. We set the app to tag the SPAM for a month while we monitored
for false positives and we had none, so we have been deleting the SPAM for
the last several weeks. Mail deleted as SPAM gets an NDR generated that
explains why the e-mail was deleted as SPAM so that we can be notified if
mail is deleted in error. Right now we are dropping 92% of e-mail at the
gateway, so based on the volume of SPAM I was receiving versus the time
spent to set up the app I will have a payback very, very quickly.
Now if you're talking about machine overhead, the app takes about 50 MB when
running as a service on the SBS2K box. It consumes around 300 MB of RAM when
I have the admin panel up to configure or check statistics for the various
tests and filters active in the application. The app consumes less than 50
MB of disc space. RAM and disc space is cheap compared to the people that we
have to pay to go through thousands of tagged SPAM messaages to decide if
they're SPAM and delete or not.
Again, I am not affiliated with ORF or Vamsoft in any way except that we
bought the software and love it. It was a no-brainer for me, 99.00 to set up
a system that buys me and my users time with is what we sell or continue to
slog through the mountains of SPAM until we upgrade to SBS2003. That was the
logic and justification I used to sell it to my boss.
I
"Harry" <anonymous@discussions.microsoft.com> wrote in message
news:2cd4901c469a4$ff10f170$a501280a@phx.gbl...
> Hi
> We use Spamnet from www.cloudmark.com. Great checker, as
> it never actually deletes mail, just moves it to a spam
> folder so you can peruse before you delete.
> Anything that depends on white lists, black lists,
> keywords or learnt boolean logic just has a huge overhead
> of maintenence.
> Harry
> >-----Original Message-----
> >I'm getting the usual load of spam by the bucketload at
> the moment for stuff
> >like viagra etc etc... Is there anyway to set a filter
> up in exchange to
> >drop these emails even before they hit the mailboxes of
> my users?
> >
> >
> >.
> >
- Next message: Henry Craven: "Re: Different colored filenames"
- Previous message: SuperGumby [SBS MVP]: "Re: Different colored filenames"
- In reply to: Harry: "mail filtering"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
