[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: greylisting on debian.org?

Le mar 18 juillet 2006 09:34, Lionel Elie Mamane a écrit :
> This will still include legitimate mail.

something like 50 over 300k is less than 0.016%.

which is also really less than the usual number of false positives of 
your bayesian mail filter. see end of mail.

> > and if you never actually realized, there *IS* such a slowdown on
> > debian mail lists, it's called crossassassin, it kills master on a
> > regular basis, and is *REALLY* less effective than greylisting.
> I don't remember the "master cannot cope under mail load, we need
> desperate measures" point being brought up before. I may have missed
> it.

these days master has a high load on a regular basis:
   load average: 239.68, 299.68, 326.84

from IRC a couple of days ago,

What I experience as a debian developer is that:

 * 80% of the overall spam that eventually comes into my inbox went
   through my debian.org account, that renders the read of such a
   mailbox really hard, and I'm pretty sure that I miss more than 0.016%
   of legitimate mail in my readings.

 * my @debian.org address has considerable slowdowns due to our MXs
   beeing overloaded from time to time. 80% of the time, it's because of
   crossassassin becoming mad, or some spam attack.

Just take some factual numbers: I receive sth like 300 mails a day (top, 
I think the mean value is more around 150). that makes 109.500 mails a 
year. I know for a fact that my bayesian filter makes sth like 4 to 5 
errors per year. And yes I know how to train one. So my bayesian mail 
filter has at least a 0.05% false positive rate, and I'm really 
convinced in fact it's more like 0.1% (maybe even more).

SA is used extensively on debian hosts, I'm also quite sure it also has 
worse rates than a 0.1%. So you are claiming that greylisting is a 
really bad method ? come on !

currently, I receive so many spams from debian, that I just CANT sort 
them. it's sth like 90spams a *day* sometimes. How do you find the time 
to look at the good mails in there ? I can't. So by not delaying 0.016% 
of the legitimate mails, you make a lot of people *LOOSE* for real way 
more than that.

please, your point is only made of impressions, now you have numbers.

·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

Attachment: pgpJtu6ajfaYI.pgp
Description: PGP signature

Reply to: