
On Thu, 2 May 2013, James Harper <james.harper@bendigoit.com.au> wrote:
> . Never use a Junk Mail folder. Either deliver the email to the inbox or don't accept it (maybe causing the sender to get an NDR, but that's the responsibility of the sending server). This requires filtering at SMTP time but that's how I do it anyway.
I agree. I currently only run one server with a junk folder (as far as I recall), and that is a "pending" folder for mail which has a challenge-response message sent out (not my choice, I'm just paid to do sysadmin work).
> . Use greylisting. I wrote my own here that has some smarts about trusting domains (e.g. bigpond) once a certain number of senders have been seen. I used to greylist for an hour but only 15 minutes now, and only for email with a SpamAssassin score above some threshold. The idea being that by waiting a bit the sender may get blacklisted in that time if I am the recipient of a new spam run.
Sounds nice, can you release it under the GPL?

One problem with statistical anti-spam measures is users who blindly put their "spam" into it as training without review. So when (not if) a legitimate message is classified as spam the statistical system is trained to do that again...

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
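
A sketch of the greylisting policy described in the quoted message, added here as an example; it is not code from either poster. The 15 minute delay comes from the message, while the score threshold, the trusted-sender count, the rule that a sender counts once it has retried successfully, and all names are assumptions.

```python
from dataclasses import dataclass, field

GREYLIST_DELAY = 15 * 60   # seconds; the 15 minutes given in the message
SCORE_THRESHOLD = 3.0      # assumed: the message only says "some threshold"
TRUST_AFTER_SENDERS = 5    # assumed: "a certain number of senders"


@dataclass
class Greylist:
    first_seen: dict = field(default_factory=dict)    # (ip, sender, rcpt) -> first attempt
    proven: dict = field(default_factory=dict)        # domain -> senders that retried

    def check(self, ip, sender, rcpt, score, now, is_listed=None):
        """SMTP-time decision: 'accept', 'defer' (4xx) or 'reject' (5xx).

        is_listed is a hypothetical callable(ip) -> bool standing in for a
        DNS blacklist lookup; it is consulted again when the sender retries.
        """
        sender, rcpt = sender.lower(), rcpt.lower()
        domain = sender.rsplit("@", 1)[-1]
        # A domain with enough proven senders bypasses greylisting.
        if len(self.proven.get(domain, ())) >= TRUST_AFTER_SENDERS:
            return "accept"
        # Only mail scoring above the threshold is delayed.
        if score <= SCORE_THRESHOLD:
            return "accept"
        first = self.first_seen.setdefault((ip, sender, rcpt), now)
        if now - first < GREYLIST_DELAY:
            return "defer"
        # The wait is over: the source may have been blacklisted meanwhile.
        if is_listed is not None and is_listed(ip):
            return "reject"
        self.proven.setdefault(domain, set()).add(sender)
        return "accept"


def demo():
    """Constructed sequence of delivery attempts (documentation addresses)."""
    gl = Greylist()
    who = ("192.0.2.10", "a@example.net", "user@example.org")
    return [
        gl.check(*who, score=1.0, now=0),      # low score: no delay
        gl.check(*who, score=4.5, now=0),      # first suspicious attempt
        gl.check(*who, score=4.5, now=600),    # retry after 10 minutes
        gl.check(*who, score=4.5, now=900),    # retry after 15 minutes
    ]


if __name__ == "__main__":
    print(demo())
```

Every outcome is decided while the SMTP session is open, so a rejected sender gets the failure from its own server and nothing lands in a junk folder.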