[Dspam-user] More info about avoiding false positives

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Dspam-user] More info about avoiding false positives

Andre Luiz Paiz
Hi everybody,

I'm using DSPAM for about a year and I really can see the improvement of my
SPAM detection infrastructure.

Currently I'm having some complainings about false-positives. Mails from
gmail, other internal (and trusted) domains and mailman lists go straight
through the SPAM box classified by DSPAM.

I started to work with "teft" and then changed to "toe" as instructed by
the documentation. Users complain that they need to train some messages 10
times before dspam recognizes as innocent. Is there a way to improve that?
Is there a way to make dspam classify mail as spam only with user
trainning? The purpose here is to avoid false positives and make the user
to tell DSPAM what is spam.

Thanks.

My dspam.conf:

Home /var/lib/dspam
StorageDriver /usr/lib64/dspam/libmysql_drv.so
DeliveryHost            127.0.0.1
DeliveryPort            10034
DeliveryIdent           localhost
DeliveryProto           SMTP # Trocado LMTP por SMTP
OnFail error
TrainingMode toe
Feature whitelist
Feature tb=5
Algorithm graham burton
Tokenizer osb
PValue bcr

Preference "trainingMode=TOE"           # { TOE | TUM | TEFT |
NOTRAIN } -> default:teft
Preference "spamAction=tag"     # { quarantine | tag | deliver } ->
default:quarantine
Preference "spamSubject= "              # { string } ->
default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } ->
default:off
Preference "enableWhitelist=on"         # { on | off } ->
default:on
Preference "signatureLocation=message"  # { message | headers } ->
default:message
Preference "tagSpam=on"         # { on | off }
Preference "tagNonspam=on"              # { on | off }
Preference "showFactors=off"            # { on | off } ->
default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=5"       # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } ->
default:off
Preference "storeFragments=off"         # { on | off } ->
default:off
Preference "localStore="                # { on | off } ->
default:username
Preference "processorBias=on"           # { on | off } ->
default:on
Preference "fallbackDomain=off"         # { on | off } ->
default:off
Preference "trainPristine=off"          # { on | off } ->
default:off
Preference "optOutClamAV=off"           # { on | off } ->
default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } ->
default:off
Preference "notifications=off"          # { on | off } ->
default:off

PurgeSignatures 14      # Stale signatures
PurgeNeutral    90      # Tokens with neutralish probabilities
PurgeUnused     90      # Unused tokens
PurgeHapaxes    30      # Tokens with less than 5 hits (hapaxes)
PurgeHits1S     15      # Tokens with only 1 spam hit
PurgeHits1I     15      # Tokens with only 1 innocent hit

LocalMX 127.0.0.1
SystemLog       on
UserLog         on
ServerHost              127.0.0.1
ServerPort              10033
ServerQueueSize         32
ServerPID               /var/run/dspam/dspam.pid

EOF

There is also a list of headers to ignore and I removed mysql connection
details.

Can you help me to improve my system?
Thanks

Andre Luiz Paiz


------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user