Yesterday I said I'd try the CRM114 antispam classifier/blocker. It's author seems to be in a friendly competition with another author (DSPAM) over their respective code's effectiveness. For no reason, I tried the other one first: http://www.nuclearelephant.com/projects/dspam/sources/ For my mailer (qmail) I used shim software called gadoyanspam: http://oss.mdamt.net/gadoyanspam/ I configured ~/.qmail to first pipe mail through gadoyanspam, which is told to put suspect mail in a spammy group, as a Maildir: |/usr/local/bin/gadoyanspam --quarantine=Maildir/.in.dspammy [NOTE: the above doesn't work quite right, but does work; more below] I setup qmail's wonderful extension addresses so that I could send misclassified mail to chris-hammy and chris-spam so it would learn. [~/.qmail-hammy] |/usr/local/bin/dspam --user chris --falsepositive [~/.qmail-spam] |/usr/local/bin/dspam --user chris --addspam I then pushed maybe 50 msgs which my previous antispam measures (DCC) had found, simply by resending them to chris-spam at my domain; the .qmail-spam alias did the processing and made it learn. [I have some confusion about how it keeps its memory state and what permissions the programs and directories need to run which I'll have to resolve later] Today which checking mail, my IMAP server presented a new folder: 0: nnimap+pectopah:INBOX.in.dspammy-spam This is under Emacs Gnus, using the nnimap backend, my server named pectopah, under top-level folder INBOX, subfolder in.dspammy-spam. So gadoyanspam appears to be suffixing the default "-spam" suffix onto my specified quarantine folder, not a big deal. There were a couple dozen messages in there, and one or two were not spammy, like adverts from folks I buy stuff from (e.g., Amazon). I re-send those to chris-hammy at my domain. I haven't noticed ANY spam in my other mailboxes. I'm very impressed. This is much better performance than I got with DCC which I believe is being fooled by random words in current spam. I'm still interested in trying CRM114, but this seems to be doing very well for me right now. It also comes with a CGI so users can manage their own quarantines, but my email resend thing is trivial to use so I haven't bothered to install it. I should really dig in and understand the setuid, users, permissions, qmail's unpriv'd processes, and so on so I can run with the minimal privs and maximum access control I can. I just wanted to see if it was effective first. PS: I've changed the name of the .qmail-* files above to prevent jerks harvesting the addresses here and sending directly to them. $Id: qmail-dspam-gadoyanspam.txt,v 1.1 2004/03/13 15:54:55 chris Exp $