From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED]
Sent: Thu 3/3/2005 17:51
To: Shelby Moore
Cc: [email protected]
Subject: Re: Serious Proposal to add AccuTechnology(tm) to SpamAssassin (SA)
Shelby Moore wrote:
>>The privacy issue isn't that
the message is being sent over the network
>>again, but that it is
being sent to a third party company.
>
> Understood and that is why
I said it is a decision (controlled by) the installer.
>
> Whereas,
I contrasted that sender has no control over privacy (no control over the 3rd
parties he sends to).
>
> In other words, there is no individual
email privacy.
There's a big difference in the "level of privacy" between
sending an
email from the sender's MTA to the recipients MX, than there is
doing
the same and then also sending a copy to some third
company.
Yes, end-user's would be able to choose whether or not they sent
a copy
to you, but more people would use it if they didn't have
to.
>>Many companies can't even LEGALLY do that (send a copy of
the message to
>>your company). Many can't do the same for
contractual reasons, and many
>>more can't do it
ethically.
>
> Sure they can, if it is part of their ISP
services.
No they can't. There's a reason people run email services
in house. I
deal with some of the largest manufacturing companies in
the world, and
they wouldn't deal with me if I were to outsource my
mail. They'll
tolerate the risk of it passing across the network, but
not it sitting
on anyone else's server.
>>Figure out a way
to generate the hash, or whatever, on the client side.
>
> That is
whole point. It isn't a hash method.
Again, I'm only talking about
an adoption point of view... in your
benefit. If your final computation
needs the actual body text, you're
pretty much out of luck.
'SpamAssassin' isn't going to include
something in the distribution that is
so lax when it comes to privacy.
>>>Thus, on the one hand, I
can argue that our proposal is equivalent to
>>
>>Razor, and
thus to be fair you either include ours (or you disable Razor...
>>but
I am not suggesting this).
>>
>>Hardly. Many, many years
separate your proposal and the addition of
>>Razor to
SpamAssassin. Time alone makes a huge difference.
>
>
Consistency should not hinge on who is first.
Things change. Razor
pre-dates the move to the ASF if I'm not mistaken.
Not that it really
matters.
It would be inconsistent for the SpamAssassin project to bow to
the
wishes of apparent vapourware. Write the plugin (it's easy,
really!)
and then propose that it be included in the
distribution.
>>>Thus I would agree there are only two
possible reasonable approaches:
>>>
>>>A) Make a
plugin
>>>
>>>B) Include in main (as done for Razor),
but set it OFF by default
>>
>>As has been said before, *Razor
is a plugin*.
>
> And it is ON by default.
And it doesn't
result in a *huge* privacy concern for the end-user. It
also
exists. Write the plugin. *If the code is good*, the results
are
good, and you can *eliminate* the privacy concens, I don't see why
it
wouldn't be included and enabled, like
Razor.
>>>CONCLUSION:
>>>At this point, I am
strongly leaning towards a plugin.
>>
>>That's good, because
that's the only way it'll happen. If DCC,
>>DomainKeys, Pyzor,
Razor2, SPF, SpamCop and URIDNSBL can exist as
>>plugins so can your
thing.
>
>
>
> It was never an issue of how it is
coded. The central issue is whether it is ON or OFF by
default.
Addressed above... write the plugin, *eliminate* the privacy
concens.
'SpamAssassin' is not going to distribute a product that open's a
user
to any significant privacy concern by default (Razor doesn't),
since
there are too many people that blindly install the
software.
>>>To push me in that direction and to show
SpamAssassin is not against
>>
>>people making money with
plugins (to prove there isn't a religious stigma),
>>would you folks
kindly appease my desire to properly link the CustomPlugins
>>page as
requested in following post??????????
>>
>>As of yet there's
no need to link the third party software page to the
>>custom plugin
page, since there are no commercial plugins (and people
>>are finding
the custom plugins as they are now). Write your plugin,
and
>>then see if the appropriate person will add the link you
desire.
>
> If you can not make a simple link or at least agreeing
to make it, that sort of shows you are not interested in me investing in your
product.
No one said a link couldn't be made. I only pointed out
that there is
no need for a link (from the *commercial software* page) at the
present
time as there *is no commercial software* on the custom plugin
page.
When the time comes that there is commercial software on the
custom
plugin page, I'm sure someone from the PMC would be happy to create
the
link you desire.
>>>And I suggest we have discussion
(in other thread) whether Razor should be
>>
>>a plugin
also. But this is not a religious thing for me. I do NOT
view
>>Razor/CloudMark as a competitor at
all.
>>
>>Again, Razor is a plugin... no discussion
needed.
>
>
> Whether is should be ON or OFF by
default.
Razor, no privacy concerns, ON
Accu, privacy concerns,
OFF
Daryl
