Random thoughts, etc.

18 Nov 2004 00:22:40 -0000 

- from jm: network test, do dnsbl lookups on the helo hostname
- predictive autolearn?  do check before bayes_check, if we are likely to
  autolearn, go r/w instead of r/o.  can implement on first bayes_check call.
- don't bother caching full/decoded/etc at start in PMS.  how much caching do
  we do now?  multiple times in PMS?  may not be an issue due to references.

- short circuiting ideas:
        - set certain rules as SC if hit
                USER_IN_WHITELIST, USER_IN_BLACKLIST (not DEF)
                *BSP*
                HABEAS*
        - allow SC on ham score (ie: < #)
        - allow SC on spam score (ie: > #)
        - should autolearn skip SC msgs?  should we always do autolearn in the
          appropriate direction?
        - AWL should be skipped during SC
        - SC rules should have a negative priority so they run first
        - do *not* do score check per rule, do it either per priority or rule
          type (header, body, etc.)
        - SC will require is_spam SC as score + required_hits will be at odds
        - add SC header macro (get_tag)
        - SC for S/O 1.000 rules?  how about S/O near 1?  BAYES_99, etc.

        Some form of order/priority rearrangement:

        Blacklist               short
        Whitelist               user/admin wants it
        BSP/Habeas              reputable, non-forgable
        Other SC Rules          as early as possible
        Other Local Rules       lightweight
        Bayes                   don't do it unless we have to
        Network                 large latency, try to avoid

- update ideas:
        - use updates.spamassassin.org, reverse version numbers:
                0.0.3.updates.spamassassin.org
                        TXT record w/ last update timestamp
                        use a version for result?  something parsable?
                        "v=1 ts=yyymmdd", etc?
                can do wildcard for generics:
                        *.0.3 ...
                allows updates per version if necessary
        - rules + scores only imho
        - leave code + plugins to normal releases.  less security issues,
          people aren't going to be as comfortable with frequent code updates.
        - how to specify where people should go to get updates?  can't use
          apache dist since it's archived, takes too long to get updates out?
        - can do round robin A RRs, but that requires same path for all
          mirrors
        - can use TXT RRs, but klugy
        - central "mirrors" file on main site?
        - include per version w/ wildcard in list?
        - separate mirrors file per major/minor version?
        - how to secure?
                - GPG signature preferred
                - MD5 and SHA1 otherwise?
                - always hitting main site for verification negates some
                  usefulness of mirrors.

-- 
Randomly Generated Tagline:
"You ripped his arm off.
  Yeah ...  He had a spare."            - From the movie Action Jackson

Attachment: pgp5dlTVaDx9x.pgp
Description: PGP signature

Reply via email to