Your message dated Fri, 14 Jan 2005 13:45:34 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#290520: spamassassin: please do not criminalise end users,
users behind dynamic IP, lower or remove DUL test default score
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 14 Jan 2005 15:54:36 +0000
>From [EMAIL PROTECTED] Fri Jan 14 07:54:36 2005
Return-path: <[EMAIL PROTECTED]>
Received: from attique.org (mx.attique.org) [81.56.103.59]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CpTmW-0004l0-00; Fri, 14 Jan 2005 07:54:36 -0800
Received: from root by mx.attique.org with local (Exim 4.34)
id 1CpTm5-0004YO-2D; Fri, 14 Jan 2005 16:54:09 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="ISO-8859-1"
From: Mathieu Roy <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: spamassassin: please do not criminalise end users, users behind
dynamic IP,
lower or remove DUL test default score
X-Mailer: reportbug 3.2
Date: Fri, 14 Jan 2005 16:54:08 +0100
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: spamassassin
Version: 3.0.2-1
Severity: normal
With spamassassin 3.0.0, I got such result:
0.1 RCVD_IN_SORBS_DUL RBL: Envoy� directement depuis une adresse IP
dynamique
[151.24.72.136 listed in dnsbl.sorbs.net]
1.7 RCVD_IN_NJABL_DUL RBL: NJABL: Envoy� depuis une adresse IP dynamique
[151.24.72.136 listed in combined.njabl.org]
While it was effectively a spam caught, DUL/Dynamic IP scoring (1.7) is quite
problematic.
- The score increase with each DNSbl you use, even if they use the
exact same source
- Why the hell freedom to run a server should not be given to someone
behind dynamic IP? Restricting users freedom is a very sensitive issue,
I do not think software shipped by Debian by default should
criminalize dynamic IP users by assuming they are guilty of something.
So, would it be possible to have the DUL test deactivated by default, or with a
score less important (0.1 is fine)? It is good that a piece of software like
spamassassin get distributed widely. Spam will be less and less commercially
interesting. But it should not cost end users freedom to run a server, don't
you agree?
People that run DUL DNSbl warn users about DUL list usage. The problem here is
that someone may filter DUL users without even noticing it, just like if it
were an absolutely reliable anti-spam criterion.
Regards,
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-1-686
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
Versions of packages spamassassin depends on:
ii debconf 1.4.30.11 Debian configuration management sy
ii libdigest-sha1-perl 2.10-1 NIST SHA-1 message digest algorith
ii libhtml-parser-perl 3.36-1 A collection of modules that parse
ii perl [libstorable-perl] 5.8.4-5 Larry Wall's Practical Extraction
ii spamc 3.0.2-1 Client for SpamAssassin spam filte
-- debconf information:
spamassassin/upgrade/2.40:
spamassassin/upgrade/2.40w:
spamassassin/upgrade/cancel: Continue
spamassassin/upgrade/2.42m: No
spamassassin/upgrade/2.42u: No
---------------------------------------
Received: (at 290520-done) by bugs.debian.org; 14 Jan 2005 18:46:08 +0000
>From [EMAIL PROTECTED] Fri Jan 14 10:46:08 2005
Return-path: <[EMAIL PROTECTED]>
Received: from smtp104.rog.mail.re2.yahoo.com [206.190.36.82]
by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
id 1CpWSV-000635-00; Fri, 14 Jan 2005 10:46:07 -0800
Received: from unknown (HELO gold.daf.ddts.net) ([EMAIL
PROTECTED]@24.226.82.175 with login)
by smtp104.rog.mail.re2.yahoo.com with SMTP; 14 Jan 2005 18:45:37 -0000
Received: from duncf by gold.daf.ddts.net with local (Exim 4.34)
id 1CpWRy-0003Ef-DO
for [EMAIL PROTECTED]; Fri, 14 Jan 2005 13:45:34 -0500
Date: Fri, 14 Jan 2005 13:45:34 -0500
From: Duncan Findlay <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Bug#290520: spamassassin: please do not criminalise end users,
users behind dynamic IP, lower or remove DUL test default score
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="bp/iNruPH9dso1Pn"
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.1 required=4.0 tests=BAYES_44,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jan 14, 2005 at 04:54:08PM +0100, Mathieu Roy wrote:
> While it was effectively a spam caught, DUL/Dynamic IP scoring (1.7) is q=
uite problematic.=20
> =09
> - The score increase with each DNSbl you use, even if they use the
> exact same source
Yep, but that was taken into account by the scoring mechanism.
> - Why the hell freedom to run a server should not be given to someone
> behind dynamic IP? Restricting users freedom is a very sensitive issue,
> I do not think software shipped by Debian by default should=20
> criminalize dynamic IP users by assuming they are guilty of something.
People with dynamic IPs are free to run servers. However, it has
proven to be a spam sign. What users SHOULD do, is run their own
server, but route their mail through their ISP's SMTP server. (exim
smarthost)
> So, would it be possible to have the DUL test deactivated by
> default, or with a score less important (0.1 is fine)? It is good
> that a piece of software like spamassassin get distributed
> widely. Spam will be less and less commercially interesting. But it
> should not cost end users freedom to run a server, don't you agree?
See above.
> People that run DUL DNSbl warn users about DUL list usage. The
> problem here is that someone may filter DUL users without even
> noticing it, just like if it were an absolutely reliable anti-spam
> criterion.
It is not enough to make a non-spam message scored as such. (with
default threshold)
--=20
Duncan Findlay
--bp/iNruPH9dso1Pn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB6BNOqjUzNGvmnNARAmW8AJ9VSOkWQF0aITD8lI3jOIBFYS4ECACfVFEa
ayFCH77U/DWWwjYkvK+/5cI=
=OsfS
-----END PGP SIGNATURE-----
--bp/iNruPH9dso1Pn--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
