 BitDefender vs Apache SpamAssassin [message #145032] |
Wed, 13 February 2019 01:25  |
 |
jcooper
Messages: 113
Registered: May 2009
Location: Syracuse, NY
|
|
|
|
Hi,
I run KC for my firm. I've been using the built-in freebie SpamAssassin for years but have lately gotten many more phishing attempts and lots more spam getting through. I've been hesitant to go to BitDefender because I don't know what it will do to performance (since it seems to send headed out to their servers) and don't like that my users can't help "teach" it what spam is with the junk/not-junk buttons.
What's everyone else's experience? Is it that much better or is the difference negligible? Also, how do you handle false positives? I assume it just flags it as junk and I can use a rule to put it in my junkmail box?
Thanks,
Jeff
|
|
|
|
|
|
| Re: BitDefender vs Apache SpamAssassin [message #145038 is a reply to message #145033] |
Wed, 13 February 2019 14:04  |
Maerad
Messages: 275
Registered: August 2013
|
|
|
|
There is a slight misunderstanding. If you use bitdefender, you can actually combine both spam assassin and bit defender. I use this for ages now and it works really well. Users can still select a mail as spam.
On the CPU load side, you won't see much of it, if any. Bitdefender sends a hash and some anonymous data to see if the mail is suspected as spam. Thats it.
Works really well with SA, but we still get spams. Sadly there is no way in blocking all spam, because you could overfilter then and maybe kill a legit mail. Sucks that some Users can't grasp the difference between a Newsletter and a real spam mail. And adding the newsletter as spam then. 
For the data send (URL:https://manuals.gfi.com/en/kerio/connect/content/server -configuration/antispam/kerio-anti-spam-filter-1886.html?csh id=1886)
What data is sent to Bitdefender
Kerio Connect doesn't send any information that could be used to identify a specific person, such as content of the original e-mail body, attached images, or attached files.
Bitdefender online scanning service receives the following information via HTTPS:
The sender and the sender's IP address of the original message from the email SMTP envelope.
The e-mail message fingerprint, a set of cryptographic hashes on different parts of the e-mail headers and body. The hashes are irreversible. Kerio Connect doesn't send the original email body.
URLs, e-mail addresses and telephone numbers contained in the body of the scanned e-mail message
MD5 hashes of:
The FROM address, FROM domain and REPLY-TO address
Certain types of attachments, for example, Microsoft Office documents, PDFs, executable files
The hashes of images embedded in the messages. The actual images are not transmitted. |
|
|
|
| Re: BitDefender vs Apache SpamAssassin [message #145041 is a reply to message #145033] |
Wed, 13 February 2019 14:19 |
|
jcooper
Messages: 113
Registered: May 2009
Location: Syracuse, NY
|
|
|
|
On KC, I have SORBS DNSBL, SORBS RHSBL, and WPBL turned on, set to add 5.0 to score. We have a Sophos gateway, and it has spamcop and spamhaus enabled (which is why I don't bother turning them on in Kerio).
I've tried messing around with custom rules to flag emails with http[s] but ending with a country code to minimize phishing, but I have yet to work out a regex pattern that works.
Thanks!
Jeff
|
|
|
|
| Re: BitDefender vs Apache SpamAssassin [message #145042 is a reply to message #145041] |
Wed, 13 February 2019 16:23 |
 |
martin.kaufmann
Messages: 101
Registered: August 2018
Location: Germany
|
|
|
|
We also have a sophos in front of our kerio mail server.
Blacklists are zen.spamhaus.com and manitu in combination with grey listing and thats all.
We don´t even have antispam enabled on the kerio box - and no hassles with spam at all.
I think it is possible to fine tune your filters to solve your antispam problem - without bitdefender.
Regards,
Martin
Kerio Connect 9.3.1 p1
CentOS 7
(until May ´22)
[Updated on: Wed, 13 February 2019 16:28] Report message to a moderator |
|
|
|
Members
Search
Help
Register
Login
Home
