On Mon, Feb 22, 2010 at 8:23 AM, Rich Kulawiec <[email protected]> wrote: > On Mon, Feb 22, 2010 at 07:34:56AM -0500, Dan Kaminsky wrote: >> All I know is that I have a couple of email accounts that get >> negligible amounts of spam. Oh, they're *sent* huge amounts, but they >> receive almost none. > > But this is not the only metric with which to evaluate mail defenses.
I disagree. This is the only metric that matters: In 2007, I got a lot of spam. In 2010, I get a few messages *a month*. A MONTH! > Anyway, one of the direct consequences of this reality is that testing > methodologies need to be very carefully constructed. Anyone who > just plugs boxes from vendors X Y and Z into their network and does a > head-to-head comparison is not going to get a true picture of how those > systems really compare: they're only going to get a limited picture of how > those systems compare at the moment on their network(s) on their ASN(s) > with their domain(s). Spam fighting as a product seems to be having problems. Spam fighting as a service is doing extremely well. Who knows. Maybe the bad guys are reverse engineering all the products, but can't do the same to the services. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
