Hi, I am currently looking into spam filtering on a mail relay (i.e. filtering mails coming into an external mail server, which will relay mails to the inner network). I.e. (most) users are not defined on that external server, there is no chance whatsoever that users can be made known to that server. The MTA is postfix. I must heavily insist on extremely low false-positive rates, even if this means more spams not being identified as such. Mails also will be tagged only and passed on, not rejected or anything (for spams anyway - not necessarily in the case of viruses). I can't exclude based on countries, as it is perfectly conceivable that people will receive legitimate emails from china or korea etc. Also, using "hot" blacklists like SpamCop is out of the question, as these (from my own experience) are not reliable (false positives, blacklisting legitimate servers etc.). I have tests running with a combination of SpamAssassin (directly tied into postfix, via the daemon version) and amavisd-new/clamav for the antivirus part. These tests look interesting, but I quite obviously need to fine- tune the SpamAssassin configuration (using Debian defaults right now - I'm not happy with the ID rate). I'm looking into dspam right now, but this seems to make quite some use of feedback from users, which I don't have here, so that's not useful. I was wondering what other spamfilter might be interesting in this context (i.e. no training by users). Also, I was wondering how to best "burn" an email address so it will receive lots of spam. I did post into a couple of usenet groups (alt.test, de.test), but didn't receive much other than viruses. Any ideas? Greets & thanks, Eric