Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Mark Goodge (markgood-stuff.co.uk)
Date: Fri Jun 18 2010 - 04:28:11 CDT
On 18/06/2010 10:17, Antoine Nguyen wrote:
> Le 18/06/2010 11:15, Michael Weissenbacher a écrit :
>>> Conclusion: the spam is passed! I could stop sending notifications but I
>>>> think my employer would not like it...
>> Short answer:
>> You should NEVER notify anyone about detected spam! This will
>> effectively make yourself a spam source. It's even worse when you attach
>> the original message.
> I agree with that... but what about false positives?
There are three main options:
1. Just discard spam.
2. Quarantine spam, and allow the user to check their quarantine folder
and release it if necessary.
3. Don't intercept spam, just tag it and leave the actual filtering to
the recipient's own system.
I'm not a great fan of quarantining, although it works fairly well for
webmail systems where the quarantine can be accessed through the same
interface as the inbox (eg, Gmail and Hotmail). It's less helpful where
mail is delivered to a POP3 or IMAP box as users have to go to a
separate interface to check the quarantine.
Personally, I prefer to have an approach that's split between discarding
and tagging - discard anything that's a definite spam, and tag the rest.
That way, you minimise the worst effects of spam while not blocking
anything that might generate a false positive.