>These tests appear to be experimental. Could you
>comment on what they attempt to detect ?
They are experimental.
The HEUR test was put into beta a long time ago, but never made it out of
beta. In theory (and in reality in a test lab), it was close to the
ultimate spam test: It would catch up to 85% of all spam, while getting
few if any false positives (in our tests, it had 0 false positives out of
over 4,000 "legitimate" E-mails to test, if I recall correctly). But once
it moved into real life, there were a lot of mailing lists and other
legitimate bulk mailings that would trigger it (such as Microsoft and NY
Times mailings that use a few very spam-like techniques in their headres).
The PROBES test hasn't gone into beta yet (and may never officially go into
beta). It is designed to catch probes testing to see if you are an open
relay. It has a debatable positive use, and a negative use. The
(debatably) positive use is for open relays that will catch most/all
outgoing spam (such as with our Declude Hijack), to help prevent them from
getting on open relay databases. The negative is that it could be used by
fully open relays to reduce their chances of getting into the open relay
databases.
-Scott
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
