[Mimedefang] combining filters for better spam filtering
Lucas Albers
admin at cs.montana.edu
Fri Mar 12 01:38:46 EST 2004
I was impressed by thought of combining multiple spam filtering solutions
together, to get better results.
per http://ranger.befunk.com/blog/archives/000174.html
But first an explanation of terms for those that need them.
Bogofilter:another bayes spam filter,tmda:prompts before delivery.
Basically, it does this:
Check against white/grey lists -- if it's OK, pass it through.
Run it through bogofilter and/or spamassassin -- if it's OK, pass it
through. If it's not, add it to the bogofilter training as spam.
Run it through procmail filters to push mailing list messages to
appropriate filtered folders.
Only if it doesn't match any of the previous, pass it through to TMDA. If
it's OK, TMDA will deliver it, otherwise it will request a confirmation.
I the case of mimedefang, you would replace procmail delivery with
mimedefang as you equivalent delivery agent.
It would also perform the normal tasks it does on mail delivery.
The abridged mail delivery system would be:
greylisting (assume greylist already automatically whitelists after
tempfail period)
anti-dos:deny machines that connect at faster then a 2 minute interval, or
connect more then 5 times simultaneously, in which case greylist for 10
minutes at most.
helo checking:add some points for particular relays, or shoddy hello
commands.
virus scanning
attachment blocking
whitelist/greylist/blacklist of senders.
bogofilter,crm14,spamprobe.
spamassassin
(train either bogofilter/spamassassin as spam or ham as necessary.)
tmda
CPU is cheap run as many bayes filters as possible for more accuracy.
The important thing is to minimize the amount of emails you prompt for
confirmation, and catch more spam in the process.
I believe this implementation is possible.
Reasonable I would expect(know?) something like canit-pro with individual
user preferences would get better results than a system with a shared
bayes database.
--
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana
More information about the MIMEDefang
mailing list