Hallo, -------------------------------------------------- From: "Steve" <[email protected]> Sent: Friday, July 31, 2009 1:41 PM To: <[email protected]> Subject: Re: [Dspam-user] Dealing SPAM - extended feature request?
> > -------- Original-Nachricht -------- >> Datum: Fri, 31 Jul 2009 09:38:50 +0200 >> Von: Sebastian Toepfer <[email protected]> >> An: [email protected] >> Betreff: Re: [Dspam-user] Dealing SPAM - extended feature request? > >> On Fri, 31 Jul 2009 01:28:02 +0200, "Steve" <[email protected]> wrote: >> > -------- Original-Nachricht -------- >> >> Datum: Thu, 30 Jul 2009 20:40:50 +0200 >> >> Von: "Sebastian Toepfer" <[email protected]> >> >> An: [email protected] >> >> Betreff: Re: [Dspam-user] Dealing SPAM - extended feature request? >> > >> >> Hallo, >> >> >> > Hallo Sebastian, >> > >> Hallo, >> > >> >> I'm bad and make a top post. >> >> >> > Ab in die Ecke und schäme Dich!!! >> > >> erledigt. >> > > Aha! Wireless keyboard in the corner and you type from there? Or long > cable? :) :) > > yup wireless. >> > >> >> I think it was nice when a user can do the following: >> >> low spam rate => tagging mail - not learn(toe) >> >> >> > dspam_admin change preference [email protected] >> > "trainingMode" "TOE" >> > >> > >> >> medium rate => quarantine - learn(teft?) >> >> >> > dspam_admin change preference [email protected] >> > "trainingMode" "TEFT" >> > >> > >> >> high rate => drop mail (deleted or so should configured by admin, >> because >> >> >> >> statutory provisions - think gobal quarantine was nice, so admin can >> >> recovery mails) - not learn >> >> >> > The drop mail part is not build into DSPAM. But doing that with >> something >> > like procmail, maildrop, sieve or other tools is no big issue. >> > >> No, not for all mails for the given spamrate only. >> >> Nicht für alle emails, nur für die konfigurierte spamrate. Wenn ich >> micht >> recht entsinne hattest du mal erklärt das dein Setup an den Grenzen lernt >> und sowas ähnliches stelle ich mir hier auch vor. >> > Aha. Yes. My training script uses a thickness border in each class and I > use that thickness border (or factor) to enforce training if a message is > scoring into the correct class but did not score at least "thickness" > above the decision threshold of the class. > > It's rather something you only would use on a verified corpus but not in > live processing of messages. The only situations where I could think to > use something like that in live processing would be where we would have a > neural network of other DSPAM instances and should a message score in a > certain thickness border (ranging into both classes (HAM/SPAM)) then we > could ask the other nodes in our neural network how they would classify > the message in question and then use their combined result for making a > decision. Or we could use a thickness border (again like above ranging in > both classes) and should a message hit into that thickness border we could > use semi statistical data to get a higher confidence/probability of our > classification. Such an semi-statistical data could be RBL lookups, > trusted path of delivery (aka: [IP of sender]->[IP of next hop from the > viewpoint of sender]->[next hop]->[next hop]->[next hop etc...]->[IP of > your MTA] and use that combination in such a way like we use now the > automatic whitelisting), Whitelist Lookups (aka: WL), ASN BL/WL or doing > things like recently mentioned in the study about SNARE (Spatio-temporal > Network-level Automatic Reputation Engine) -> > http://www.technologyreview.com/communications/23086/. > Okay only for initinal training. > >> High Rate spam ist >> immer >> wirklich spam so drop it (speichere ausserhalb der user-quarantine), >> > I would not confirm that. What is an external indicator (without reading > the mail) that a mail is SPAM? The confidence factor? The probability? If > that would be so easy then we would never have false positives and/or > false negatives. Okay 2 vs. 1 ... stupid idea. But you really mean a message where dspam say is it 100% probability and 100% confidence spam it can be ham? And it make no sense to have different action on spams? Sebastian ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Dspam-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspam-user
