| New Kerio Anti-Spam Filter [message #129089] |
Tue, 19 April 2016 12:38  |
Maerad
Messages: 275
Registered: August 2013
|
|
|
|
Hiya!
Just found out about the new thing and before I buy it, I would really appreciate some responses of you guys, how well it works. So any first adopters willing to share their experience? 
Things I really like is the delete of the msg, if phishing or malware, regardless of any whitelists etc. in Kerio.
What I don't like is, that the user can't select a mail as junk/no junk anymore, so the option with "report spam and/or no-spam" to bitdefender is IMHO a bit senseless. Also that you can't use it additional to the spam assassin filter, so it can be a bit more customized, depending on what kind of spam you receive.
Also - how good is the service of bitdefender itself? How fast are pishing mails etc. being blocked? From what I read only the hashes of attachments are send, so the filter can't run any heuristic on demand for them. Analyzing the phone numbers/url's etc. might help, but I'm quite a bit skeptical right now.
|
|
|
|
|
|
| Re: New Kerio Anti-Spam Filter [message #129092 is a reply to message #129091] |
Tue, 19 April 2016 13:53  |
Maerad
Messages: 275
Registered: August 2013
|
|
|
|
Pavel Dobry (Kerio) wrote on Tue, 19 April 2016 12:51
That option is not "report spam" to Bitdefender. Please read the text carefully. It says "Allow signatures and metadata to be used....". It means that when these options are disabled, Bitdefender cloud does not store any data. It just checks them and forgets. To detects new spam waves the cloud service must be able to keep statistics of the data so it can detect spam messages sent in bulk. So it is highly recommended to have both these options enabled. That's one of ways how the filter learns new stuff. User contribution (Spam buttons) is not present here, everything is automatic.
Hey Pavel 
Honestly, I guess you misread / interpreted what I wrote. I said the server option to report spam/no-spam is a bit senseless. I never even mentioned how or what gets shared with bitdefender or that it can be enabled or disabled.
The option itself is bad (imho), because it uses only the kerio automatic filter to report back to bitdefender, if the mail was detected as spam or not with the additional scores. There is no way to manually select or deselect a mail as spam and report it to bitdefender, in case it IS (or not is) spam and the system/score didn't detect it, because it's new or the rules are a bit more lenient.
Also in my other sentence I said, that no attachments are uploaded, just the hash and so no on-demand scanning could be made. So I really don't get why you think I got that wrong
We have some (mostly german) mails, that identifier as spam, but are so well made or no "bad" urls/links, it's not detected by a spam filter. That may be for a real company advertising the products and send the mail to us.
|
|
|
|
| Re: New Kerio Anti-Spam Filter [message #129108 is a reply to message #129092] |
Wed, 20 April 2016 15:31 |
sjwanta
Messages: 45
Registered: April 2012
|
|
|
|
Maerad:
I purchased a license for the Bitdefender service the day it was available and have been using it since then. I have seen an increase in spam using the BitDefender Anti-Spam service. I believe this is attributed to the fact that Kerio assigns a negative score (-1, -2, or -3 depending on your setting) to any message that BitDefendant does not identify as spam. I have attempted to modify mail server.cfg to set the NegativeSpamScore variable to 0, but Kerio still shows KERIO_ANTI_SPAM: -1.000.
This is a problem for at least two reasons: (1) it appears that manually setting the NgativeSpamScore variable does not work and (2) Kerio's assumption that a non-hit on BitDefender means that a message is less likely to be spam is wrong. All that a non-hit on BitDefender tells us is that BitDefender doesn't know anything about the message. It is not a whitelist and should not be confused for one.
From what I have seen, the Bitdefender hit rate on spam is pretty good. That is, it identifies messages that other spam filter components also believe are spam; however, it misses spam that are identified by other components. I would say (and it's probably too early to tell for sure) that Bitdefender is a good tool to provide additional information for a composite spam rating, but it is not much more. It is not more effective at identifying spam than the spam assassin filters and it is about as effective as some of the good RBLs (Spamhaus Zen and SpamCop).
But just as we don't assign a negative score to a message that does not get an RBL hit, we should not assign a negative score to Bitdefender results. It's not good enough for that.
|
|
|
|
| Re: New Kerio Anti-Spam Filter [message #129181 is a reply to message #129108] |
Mon, 25 April 2016 11:23 |
BobSpadger
Messages: 6
Registered: June 2015
Location: Dorset
|
|
|
|
I've just had this go live over the weekend.
So far - it doesnt seem to be picking up as much spam as our old filters.
I'm hoping between BitDefender and Sophos they strip out the virus / Malware and Phising emails, they are my main concern.
Time will tell!
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
