[unisog] spam detection rates

Russell Fulton r.fulton at auckland.ac.nz
Tue Nov 16 19:27:12 GMT 2004


Hi Folks,
	 Recently a colleague (Bojan Zdrnja) and I gave a paper at a local
Tertiary IT conference about dealing with spam an malware.  Bojan
described our new mail system that he had designed and implemented
(postfix, spamassin, amavisd, sophos -- with Dspam and clamav as
secondary AV and spam detection).

As part of the preparation for this talk we tried to estimate just what
the real rate of spam detection was by selecting a few addresses that
attract a lot of spam (mine was one) and examining a weeks worth of
mail.

We were rather chuffed to find that out of nearly 400 spam messages
delivered to my account only three made it through with out being
recognised as spam.  There was also a couple false +ve but they were a
deliberate plant -- I signed up to a the digest of a support group for a
medical condition that my wife subscribes to.  The digest contains up to
30 emails with lots of medical terms and symptom descriptions along with
urls for useful products.  Her ISP's spam filter regularly tags it as
spam so we thought we would try it through our system.

Anyway, to the point of this post.  In our test our system delivered
over 99% accuracy in identifying spam over the period of a week for a
few selected accounts. (We have had four complaints in six months about
false positives).  Does anyone else have figures for their systems that
they would care to share.

I now see less than one piece of spam a day (I have had 13 so far this
month).


-- 
Russell Fulton, Information Security Officer, The University of Auckland
New Zealand




More information about the unisog mailing list