Yes, it is definitely security through obscurity. However, I'll suggest that you consider if it is possible to have a publicly disclosed algorithm for this system which is NOT possible to abuse. I'll admit I'm not a god of coding, but I can think of no such possible mechanism. If you can think of a rough general mechanism that suits the need and isn't subject to abuse I'd love to hear it. I don't think the code even needs to be made public to discuss the possibility of a secure algorithm that does this.

The system must:
1) Have some algorithm for increasing the trust of a reporter automatically based on their good submissions.

2) It must have a strong mechanism for penalizing bad reporters based on revokes from trusted users. Reporters configured using bad spamtraps that wind up reporting every post to a given legitimate mailing list must be reduced to the point their input is completely ignored.

As a caveat to 1) To be secure, there must be no way for a malicious user to artificially increase his score by sending 'don't care' spams and then reporting them. It should also be impractical for a malicious user to increase their score to absurdly high levels by aggressively reporting emails from competing spammers.

As a caveat to 2) It needs to be impossible for a malicious user who has somehow gained a reasonable level of trust to send spam and then use the report function to drive the trust score of a legitimate reporter down.

There are arguments about security based on how much it takes to build and to lose trust, but in the case of Razor it is very easy for a spammer to open several accounts, build their trust, and then leverage that trust to decimate the scores of legitimate reporters.

It's unfortunately very difficult to meet the needs of 2) without making it so that a trusted user can do more harm to others than they will do to themselves by backstabbing others.


At 01:28 PM 10/28/2002 -0500, you wrote:

> This feels like another case of security through obscurity though. It would seem that having a public review of the algorithms would not only lead to fixing possible holes in the algorithm, but would also continue to lead to the development of more Free Software that can only help Razor.

_______________________________________________
Razor-users mailing list
https://lists.sourceforge.net/lists/listinfo/razor-users
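
The tension between requirement 2) and its caveat, as an added example that is not part of the original message and is not Razor's algorithm: a toy trust ledger in which a revoke is weighted by the revoker's trust. The gain, penalty and threshold constants, the account names and the scoring rule itself are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed toy model. Every constant below is an assumption.
GAIN = 1.0              # trust gained per confirmed report (requirement 1)
PENALTY = 0.5           # fraction of the revoker's trust removed from the reporter
MIN_REVOKE_TRUST = 5.0  # revokes from users below this trust are ignored


@dataclass
class Ledger:
    trust: dict = field(default_factory=dict)

    def confirm(self, reporter):
        """Requirement 1: a good submission raises the reporter's trust."""
        self.trust[reporter] = self.trust.get(reporter, 0.0) + GAIN

    def revoke(self, revoker, reporter):
        """Requirement 2: a trusted user's revoke penalizes the reporter."""
        weight = self.trust.get(revoker, 0.0)
        if weight < MIN_REVOKE_TRUST:
            return  # not trusted enough for the revoke to count
        current = self.trust.get(reporter, 0.0)
        self.trust[reporter] = max(0.0, current - PENALTY * weight)


def bad_spamtrap_case():
    """A misconfigured spamtrap reporter is driven to zero, as intended."""
    led = Ledger({"trap": 10.0, "alice": 20.0})
    led.revoke("alice", "trap")
    return led.trust["trap"]


def collusion_case(accounts=3, reports_each=10, victim_trust=20.0):
    """The same rule lets accounts that earned trust zero out a legitimate
    reporter. Returns (victim trust, revoke rounds used, colluders' trust)."""
    led = Ledger({"victim": victim_trust})
    colluders = [f"acct{i}" for i in range(accounts)]
    for name in colluders:
        for _ in range(reports_each):
            led.confirm(name)  # trust built through accepted reports
    rounds = 0
    while led.trust["victim"] > 0 and rounds < 100:
        for name in colluders:
            led.revoke(name, "victim")
        rounds += 1
    return led.trust["victim"], rounds, [led.trust[n] for n in colluders]


if __name__ == "__main__":
    print("spamtrap reporter trust:", bad_spamtrap_case())
    print("victim, rounds, colluders:", collusion_case())
```

In this model the revokers' own trust is untouched, which is the asymmetry the message describes: the penalty needed to silence a bad spamtrap is the same one that lets trusted accounts harm others at no cost to themselves.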
