RE: Bayes spam and ham out of proportion
On Thu, 29 Apr 2010 18:32:04 +0200 Giampaolo Tomassoni g.tomass...@libero.it wrote: what you need to do write a script that divides the metadata num_spam value and all the token Nspam counts by 3. The updated database can then be loaded back in with --restore. I don't know if this is going to be effective. After all, this way you are basically lowering the effectiveness of all the spam tokens, even potentially remarkable ones. Correct, but if those counts came from autolearning 90% of spam and 30% of ham, then rescaling may be the correct thing to do. It may also be pragmatic, if a high spam/ham ratio is leading to FPs, to keep the learned ratio closer to 1:1 than the actual ratio. I was almost thinking your statement of pragmatism was wrong in principle, but after having checked the bayesian filtering equation and having seen what happens forcing a 1:1 ratio in the number of received spam messages over ham ones, I see that it is: P'(S|W) = P(S|W) iff P(H) = P(S) which is, the probability of a message being spam because it contains word W is lower after forcing the 1:1 ratio iff the original probability of a message (irrespective to its content) to be ham is lower than the probability of it to be spam. Which is the case. However, the fact that Frank's database comes from about three-times more spam messages then ham ones, means his bayes learned 75% of spam and 25% of ham. This is in line with world statistics about spam, which roughly are around 70%-80% spam. So, while your approach may yield a lower rate in FPs (which is a very important result), it doesn't mean that Bayes is going to be more precise in the overall. This is because the bayes filtering equation is designed around the fact that the probability of receiving a spam message is very different (i.e.: greater) than the opposite, in order to better mime real-world data. I would instead, in order of effectiveness: a) expire old tokens; Token retention is a good thing. The only reason for ageing-out tokens is to limit the database size. This is not the only reason to ageing-out tokens. Ham and spam tokens evolve with time. There is a point at which a token's nspam and nham occurrences don't reflect anymore current world. Expiring them would get (partially) rid of stale data. Expiring old tokens also means adapting to a changing world. Please note from this point of view the SA implementation of the bayesian filtering is less than optimal, since it doesn't expire tokens which roll out of a given time window, but instead the ones which had not been seen anymore for a while. The reason for this is of course to keep database size and workload low. b) eliminate tokens with very few ham/spam occurrences. Some Bayesian filters, such as dspam, allow low-count tokens to be aged-out quicker, but the point of that is to free-up space for longer retention of high-count tokens. There's no other reason for deleting them. Either a low-count token is never seen again, in which case it's just wasting space, or we are still learning it's frequencies, in which case resetting the counters makes no sense. My suggestion would not mean that one had to do b) and/or c) every day. It is something that one may do once in a year, so that the error introduced in removing currently learning tokens is low and limited in time. c) eliminate tokens with very close nham to nspam values; This is only superficially appealing - similar arguments apply to b. What's the point in deleting a token with counts of 7483:7922 when an hour later it might be back at 2:0? 2:0 means a definitive answer about token spamminess or hamminess. Removing tokens where nham ~ nspam means discarding the history of a token which actually doesn't play any role, letting it to have a new chance in current world. Let say 7483 is nham, then: P(S) = .75 P(H) = .25 P(S|W) = 7922*.75 / (7922*.75 + 7483*.25) ~ .76 an hour later it is: P(S|W) = 7922*.75 / (7922*.75 + 7485*.25) ~ .76 which is the same: this token doesn't help anymore. Instead, with a nham=2 and a nspam=0 you get: P(S|W) = 0*.75 / (0*.75 + 2*.25) = 0 i.e.: a definitive answer. The same is of course true with nspam=2 and nham=0, so this token may seem dangerous, but please note that SA uses a *naive* bayesian filter, so that you are going to put together the P(S|W) for each W in the message (not only this one), and you didn't forget all the tokens: only the ones which were not storing any interesting information anymore. I don't see anything here that would reduce FPs, b and c simply free-up some space, but a means you are not taking any advantage of it. Mine wasn't a short term solution. It was instead meant to bring tokens to a new life. Anyway, if you fear the dangers of some short-term misbehavior after applying b) or c), I have a more conservative approach. Disable the token expiration functionality
[OT] was SORBS
Here's the chuckle Mail transport error, MTSPro SMTP Relay Agent could not deliver the following message for users@spamassassin.apache.org. Reason: 550 Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?217.36.54.209 --==-- Original Message Headers Follow --==-- Received: from snakepit.bleh (snakepit.bleh [192.168.2.32]) by blue-canoe.org.uk (envelope-sender ni...@blue-canoe.com) with ESMTPA (MTSPro MTSSmtp 1.61) for users@spamassassin.apache.org; Fri, 30 Apr 2010 11:25:10 +0100 From: Nigel Frankcom ni...@blue-canoe.com To: SpamAssassin users@spamassassin.apache.org Subject: [OT] Was SORBS Date: Fri, 30 Apr 2010 11:25:09 +0100 Organization: Blue Canoe Networks Message-ID: kfblt5t3h1mksks6taaa9r1kohe1psj...@blue-canoe.net X-Mailer: Forte Agent 6.00/32.1186 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Abuse-Report-URL: http://www.blue-canoe.net/abuse X-Envelope-Sender: ni...@blue-canoe.com X-Envelope-Receiver: users@spamassassin.apache.org Here's my message :-D Hi All, First a big thanks to all those who offered advice and actively assisted in getting my SORBS problem resolved. BT have admitted they screwed things up with SORBS a while ago and, at least on an individual level, regret that. That aside, they have worked hard and with patience and professionalism to help me get this resolved. For those of you with BT accounts that find yourself in the same situation, give me a shout and I'll happily pass on the info for the people and departments I worked with... Someone may read the archives :-D Once again, thanks one and all for your help and support (and to the list admins for not yelling at me to say this had nothing to do with SA :-D) Cheers all Nigel
Re: [OT] was SORBS
On Fri, 2010-04-30 at 11:46 +0100, n.frank...@gmail.com wrote: Here's the chuckle Mail transport error, MTSPro SMTP Relay Agent could not deliver the following message for users@spamassassin.apache.org. Reason: 550 Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?217.36.54.209 And has it taken you all that time to get BT to add this to their whois: descr: Single Static IP Addresses Man, that is quality service. I take it you've spoken with phone: +44 207 777 7766 fax-no: +44 1524 34523 e-mail: steve.r.wri...@bt.com e-mail: ab...@bt.net remarks:trouble: 1st Line Support remarks:Please send delisting issues to btnet...@bt.net ... and they have actually spoken with SORBS? The old bucket still holds water. It is your ISP that needs to resolve this - as a customer you can do nothing. Really they should have dealt with this a long time ago. I've lost track of it, is this two weeks later now? Really - you should sack your ISP and go to someone competent. You may fair better taking this to the SPAM-L mailing list where you may find someone that actually cares. Here you will only get generic opinion and nothing tangible to help. Spam-l mailing list - http://spam-l.com/mailman/listinfo/spam-l
Re: [OT] was SORBS
On 4/30/2010 7:43 AM, corpus.defero wrote: On Fri, 2010-04-30 at 11:46 +0100, n.frank...@gmail.com wrote: Here's the chuckle Mail transport error, MTSPro SMTP Relay Agent could not deliver the following message for users@spamassassin.apache.org. Reason: 550 Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?217.36.54.209 The old bucket still holds water. It is your ISP that needs to resolve this - as a customer you can do nothing. Really they should have dealt with this a long time ago. I've lost track of it, is this two weeks later now? Really - you should sack your ISP and go to someone competent. First, I'd like to point out that not everyone has the option of changing ISP's. Believe it or not, there are many folks who have only one choice for high-speed internet access (myself included). Second. The fact that a mail server rejects, outright, based on something so false-positivity as a db for dynamic ip's is irresponsible on the part of the admin. Sure, add some spammy points and do a scan but an outright rejection? -lee
Re: [OT] was SORBS
On Fri, 2010-04-30 at 08:43 -0400, Lee Dilkie wrote: On 4/30/2010 7:43 AM, corpus.defero wrote: On Fri, 2010-04-30 at 11:46 +0100, n.frank...@gmail.com wrote: Here's the chuckle Mail transport error, MTSPro SMTP Relay Agent could not deliver the following message for users@spamassassin.apache.org. Reason: 550 Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?217.36.54.209 The old bucket still holds water. It is your ISP that needs to resolve this - as a customer you can do nothing. Really they should have dealt with this a long time ago. I've lost track of it, is this two weeks later now? Really - you should sack your ISP and go to someone competent. First, I'd like to point out that not everyone has the option of changing ISP's. Believe it or not, there are many folks who have only one choice for high-speed internet access (myself included). Second. The fact that a mail server rejects, outright, based on something so false-positivity as a db for dynamic ip's is irresponsible on the part of the admin. Sure, add some spammy points and do a scan but an outright rejection? -lee Without wishing to come accross rude. I accept your points as they are, in part, valid. But; 1. In this case the OP has a choice and has elected to trust a notoriously awful former state owned ISP to deal with it. 2. No mail server rejects based on SORBS. It rejected where admins choose to implement SORBS at an SMTP level. Doing so they are usually well aware of the caveats of using SORBS. 3. This is all irrelevant to the Spamassassin list. Like I say there may be some opinion here, there may be mixed advice here, but there is no resolution or listening ear here. Michelle 'listens' to NANAE and SPAM-L last time I checked, but again it's an issue for BT to deal with. The fact the OP has to go around chasing this is a clear indication of failure of his ISP. It's blunt, but it's really that simple.
Re: [OT] was SORBS
On Fri, 2010-04-30 at 08:43 -0400, Lee Dilkie wrote: First, I'd like to point out that not everyone has the option of changing ISP's. Believe it or not, there are many folks who have only one choice for high-speed internet access (myself included). However, that doesn't apply to the OP, who is using British Telecom as his ISP. My broadband connection goes through the local BT exchange and copper after that, but BT has never been my ISP. I initially used Demon as my ISP, switching to my current ISP (who subcontract broadband connectivity to a third party, *not* BT) when I discovered that Demon didn't offer a suitable package that included domain registration. The OP can do exactly what I did. Out of pure curiosity, what is there about the broadband set-up in your locality that could prevent you from doing something similar? Are both your broadband provider and your ISP monopolies? Martin
Re: Bayes spam and ham out of proportion
On Fri, 30 Apr 2010 11:53:49 +0200 Giampaolo Tomassoni g.tomass...@libero.it wrote: Correct, but if those counts came from autolearning 90% of spam and 30% of ham, then rescaling may be the correct thing to do. It may also be pragmatic, if a high spam/ham ratio is leading to FPs, to keep the learned ratio closer to 1:1 than the actual ratio. I was almost thinking your statement of pragmatism was wrong in principle, but after having checked the bayesian filtering equation and having seen what happens forcing a 1:1 ratio in the number of received spam messages over ham ones, I see that it is: The first case is mathematically correct - note that I wrote 30% *of* ham, not 30% ham. Where the imbalance is due to unbalanced selective learning, token rescaling brings the ratio back in line with the actual ratio in received mail. The OP said he was using very conservative autolearning thresholds, which can lead to unbalanced selective learning. The second case, the pragmatic reason, doesn't appeal to theory, so it can't be wrong on principle. In any case, real-world statistical spam filters are constructed out of a combination of sound statistics used in a dubious way, empirical equations and downright kludges. a) expire old tokens; Token retention is a good thing. The only reason for ageing-out tokens is to limit the database size. This is not the only reason to ageing-out tokens. Ham and spam tokens evolve with time. ... This is not a good way of making the system more responsive to change. Giving more weight to recent learning, or something like DSPAM's train-until-mature mode are better ways of doing that. If you want a simple way of doing it, you might try periodically halving all token counts where ham+spam200. Please note from this point of view the SA implementation of the bayesian filtering is less than optimal, since it doesn't expire tokens which roll out of a given time window, Bayesian filter that don't update timestamps are avoiding a write-lock, they aren't trying to do the right thing. c) eliminate tokens with very close nham to nspam values; This is only superficially appealing - similar arguments apply to b. What's the point in deleting a token with counts of 7483:7922 when an hour later it might be back at 2:0? 2:0 means a definitive answer about token spamminess or hamminess. Removing tokens where nham ~ nspam means discarding the history of a token which actually doesn't play any role, letting it to have a new chance in current world. 2:0 is good spam indicator in a new token, in a token that previously had counts 7483:7922, it's almost certainly a fluctuation. By deleting such tokens you overwhelmingly replace useful information with noise.
Re: [OT] was SORBS
On 4/30/10 8:22 AM, Martin Gregorie mar...@gregorie.org wrote: On Fri, 2010-04-30 at 08:43 -0400, Lee Dilkie wrote: First, I'd like to point out that not everyone has the option of changing ISP's. Believe it or not, there are many folks who have only one choice for high-speed internet access (myself included). However, that doesn't apply to the OP, who is using British Telecom as his ISP. My broadband connection goes through the local BT exchange and copper after that, but BT has never been my ISP. I initially used Demon as my ISP, switching to my current ISP (who subcontract broadband connectivity to a third party, *not* BT) when I discovered that Demon didn't offer a suitable package that included domain registration. The OP can do exactly what I did. Out of pure curiosity, what is there about the broadband set-up in your locality that could prevent you from doing something similar? Are both your broadband provider and your ISP monopolies? For me, it was the case the last time I renegotiated my contract for my business-class broadband at home. Short of bringing in a T1 at $600-$1000/month, I had exactly one choice for a provider that would provide me with a static /29 and a SWIP record - the monopoly cable provider. In another year or so I'll see if the monopoly POTS provider can provide the service I need - they promise the moon in their advertisements but balk really fast when you start to ask specific, tangible questions. -- Daniel J McDonald, CCIE # 2495, CISSP # 78281
Re: [OT] was SORBS
On Fri, 2010-04-30 at 10:10 -0500, Daniel McDonald wrote: On 4/30/10 8:22 AM, Martin Gregorie mar...@gregorie.org wrote: On Fri, 2010-04-30 at 08:43 -0400, Lee Dilkie wrote: First, I'd like to point out that not everyone has the option of changing ISP's. Believe it or not, there are many folks who have only one choice for high-speed internet access (myself included). However, that doesn't apply to the OP, who is using British Telecom as his ISP. My broadband connection goes through the local BT exchange and copper after that, but BT has never been my ISP. I initially used Demon as my ISP, switching to my current ISP (who subcontract broadband connectivity to a third party, *not* BT) when I discovered that Demon didn't offer a suitable package that included domain registration. The OP can do exactly what I did. Out of pure curiosity, what is there about the broadband set-up in your locality that could prevent you from doing something similar? Are both your broadband provider and your ISP monopolies? For me, it was the case the last time I renegotiated my contract for my business-class broadband at home. Short of bringing in a T1 at $600-$1000/month, I had exactly one choice for a provider that would provide me with a static /29 and a SWIP record - the monopoly cable provider. In another year or so I'll see if the monopoly POTS provider can provide the service I need - they promise the moon in their advertisements but balk really fast when you start to ask specific, tangible questions. I have a number of friends who concur that the US small-business broadband scene is seriously poor so I feel your pain. I can remember the hassle one guy had trying to get a static IP out of Warners. They wanted to up his subscription by a factor of three. In the UK we are really lucky in most cases that we can pick and choose good providers and change fairly easily without it costing an arm and a leg.
Re: [OT] was SORBS
On Fri, 30 Apr 2010 14:22:16 +0100, Martin Gregorie mar...@gregorie.org wrote: On Fri, 2010-04-30 at 08:43 -0400, Lee Dilkie wrote: First, I'd like to point out that not everyone has the option of changing ISP's. Believe it or not, there are many folks who have only one choice for high-speed internet access (myself included). However, that doesn't apply to the OP, who is using British Telecom as his ISP. My broadband connection goes through the local BT exchange and copper after that, but BT has never been my ISP. I initially used Demon as my ISP, switching to my current ISP (who subcontract broadband connectivity to a third party, *not* BT) when I discovered that Demon didn't offer a suitable package that included domain registration. The OP can do exactly what I did. Out of pure curiosity, what is there about the broadband set-up in your locality that could prevent you from doing something similar? Are both your broadband provider and your ISP monopolies? Martin We're on a BT only exchange here so it's them or nothing, well not quite, I could go CoLo... hmmm maybe not, or satellite, I was involved in setting that up in Cyprus. I guess the bottom line is that this is always going to be an issue and it's as much to do with how you deal with your upline suppliers as how you deal with the lists (rbl etc). I may not agree with them all on an individual basis, but life is what it is, I have to work within the constraints imposed on me. I cannot complain about SORBS, though I did, they have a fixed set of rules. If I or my upline provider fails.. well, such is life. BT for what it's worth are very aware of their market and the issues, with luck they and SORBS will open a dialogue. As admins we face and deal with issues every day, sometimes it's nice to know that others out there are listening and, where they can, acting. I have a lot of karma to repay :-D Now, if the SA list would let me post from 'home'. I'd be copacetic :-D All the best Nigel
Re: [OT] was SORBS
On Fri, 2010-04-30 at 16:50 +0100, Nigel Frankcom wrote: We're on a BT only exchange here so it's them or nothing, well not quite, I could go CoLo... hmmm maybe not, or satellite, I was involved in setting that up in Cyprus. Nigel Is there such a thing? I appreciate many are not unbundled, but the BTW agreement means you should have no problems getting a wires-only with someone like Zen, IDNET or Newnet. Believe me, the service just pee's over BT.
Re: [OT] was SORBS
On Fri, 30 Apr 2010 16:59:57 +0100, corpus.defero corpus.def...@idnet.com wrote: On Fri, 2010-04-30 at 16:50 +0100, Nigel Frankcom wrote: We're on a BT only exchange here so it's them or nothing, well not quite, I could go CoLo... hmmm maybe not, or satellite, I was involved in setting that up in Cyprus. Nigel Is there such a thing? I appreciate many are not unbundled, but the BTW agreement means you should have no problems getting a wires-only with someone like Zen, IDNET or Newnet. Believe me, the service just pee's over BT. Fair point. I live in a small village right on the end of a spur. After being burgled at my town offices I moved the whole dammed shebang home and now run it from my own server room. BT may not be the best, but they (or rather OpenReach) own the lines, exchange and pretty much all else... plus they have helped. If I go through a third party I end up with at least one more level of 'have you re-booted your router' etc. Bottom line, I'd rather solve a problem than work round it. As it happens I have a second IP off the range that I could have used, but that would have meant a lot of DNS work etc (and DNS and I are not good friends). IMHO solving is better than blaming. My original post was a request for advice and help. I got a lot of both... plus a lot of opinion. Kind regards Nigel
Re: [OT] was SORBS
On Fri, 2010-04-30 at 17:19 +0100, Nigel Frankcom wrote: On Fri, 30 Apr 2010 16:59:57 +0100, corpus.defero corpus.def...@idnet.com wrote: On Fri, 2010-04-30 at 16:50 +0100, Nigel Frankcom wrote: We're on a BT only exchange here so it's them or nothing, well not quite, I could go CoLo... hmmm maybe not, or satellite, I was involved in setting that up in Cyprus. Nigel Is there such a thing? I appreciate many are not unbundled, but the BTW agreement means you should have no problems getting a wires-only with someone like Zen, IDNET or Newnet. Believe me, the service just pee's over BT. Fair point. I live in a small village right on the end of a spur. After being burgled at my town offices I moved the whole dammed shebang home and now run it from my own server room. There is nothing wrong with that - it makes good environmental sense as well as security sense. BT may not be the best, but they (or rather OpenReach) own the lines, exchange and pretty much all else... plus they have helped. Having spent 16 years with them I know the ins and outs. Openreach were not allowed to show any favouritism to BT customers and went out of their way for 'other licensed operators'. Many BT folk of X years service found the notion of Openreach rather unpalatable and went out of their way to be awkward to native BT customers. I'm not sure if that attitude subset still exists but there really was an attitude towards all things BT. But good on your for sticking with them. If I go through a third party I end up with at least one more level of 'have you re-booted your router' etc. That depends on who you go with. People like Zen, IDNET, aaisp, Newnet are actually much better than BT at dealing with issues - and usually much more knowledgeable. This SORBS issue would not even be an issue with them as they had the brains to sort out their space - rather than just try and cluelessly blindmug sell it so SOHO's. Bottom line, I'd rather solve a problem than work round it. As it happens I have a second IP off the range that I could have used, but that would have meant a lot of DNS work etc (and DNS and I are not good friends). I admire the spirit and good luck with it. If the Lib Dems win the election they may find a whole in their mad ideas to offer treatment for those with delusional misguided belief in BT syndrome. (DMBBT). IMHO solving is better than blaming. My original post was a request for advice and help. I got a lot of both... plus a lot of opinion. You knew that would happen. Being a BT customer is nearly as bad as being a spammer {joke} have a good weekend. Kind regards Nigel
Re: [OT] was SORBS
On Fri, 30 Apr 2010 17:48:49 +0100, corpus.defero corpus.def...@idnet.com wrote: On Fri, 2010-04-30 at 17:19 +0100, Nigel Frankcom wrote: On Fri, 30 Apr 2010 16:59:57 +0100, corpus.defero corpus.def...@idnet.com wrote: On Fri, 2010-04-30 at 16:50 +0100, Nigel Frankcom wrote: We're on a BT only exchange here so it's them or nothing, well not quite, I could go CoLo... hmmm maybe not, or satellite, I was involved in setting that up in Cyprus. Nigel Is there such a thing? I appreciate many are not unbundled, but the BTW agreement means you should have no problems getting a wires-only with someone like Zen, IDNET or Newnet. Believe me, the service just pee's over BT. Fair point. I live in a small village right on the end of a spur. After being burgled at my town offices I moved the whole dammed shebang home and now run it from my own server room. There is nothing wrong with that - it makes good environmental sense as well as security sense. BT may not be the best, but they (or rather OpenReach) own the lines, exchange and pretty much all else... plus they have helped. Having spent 16 years with them I know the ins and outs. Openreach were not allowed to show any favouritism to BT customers and went out of their way for 'other licensed operators'. Many BT folk of X years service found the notion of Openreach rather unpalatable and went out of their way to be awkward to native BT customers. I'm not sure if that attitude subset still exists but there really was an attitude towards all things BT. But good on your for sticking with them. If I go through a third party I end up with at least one more level of 'have you re-booted your router' etc. That depends on who you go with. People like Zen, IDNET, aaisp, Newnet are actually much better than BT at dealing with issues - and usually much more knowledgeable. This SORBS issue would not even be an issue with them as they had the brains to sort out their space - rather than just try and cluelessly blindmug sell it so SOHO's. Bottom line, I'd rather solve a problem than work round it. As it happens I have a second IP off the range that I could have used, but that would have meant a lot of DNS work etc (and DNS and I are not good friends). I admire the spirit and good luck with it. If the Lib Dems win the election they may find a whole in their mad ideas to offer treatment for those with delusional misguided belief in BT syndrome. (DMBBT). IMHO solving is better than blaming. My original post was a request for advice and help. I got a lot of both... plus a lot of opinion. You knew that would happen. Being a BT customer is nearly as bad as being a spammer {joke} have a good weekend. Kind regards Nigel The world 'aint perfect, but we work with what we have. I'm just happy it's sorted. With luck anyone that hits similar issues will pick up on this and yell. I may take a line or two off different suppliers to se how close promises and actuality meet. Best to all Nigel
Re: Whitelisting local domain (spamassassin qmail)
My problem are the client that send mail send mail throught of the SMTP auth. I have prepare a plugin for SpamAssasin, for verify if the email into throught of the SMTP auth or throught of the MX for externals mails. This plugin work becouse I received the email throught of two IP: The first is for external use and the second is for auth clients. You can see this plugin in http://code.google.com/p/qmailsmtpauth/ http://code.google.com/p/qmailsmtpauth/ If you want to try, test with a score of -1, at least until you test it. Im' sorry for my bad English El 27/04/10 11:59, Martin Caine escribió: We're using qmail with qmail-scanner (personally I'd prefer switching to postfix but it's not practical to do that at the moment. I'll see if I can find out how to add the auth information into the headers. Thanks
Re: [OT] was SORBS
On Fri, 30 Apr 2010, Nigel Frankcom wrote: We're on a BT only exchange here so it's them or nothing, well not quite, I could go CoLo... hmmm maybe not, or satellite, I was involved in setting that up in Cyprus. How about a cheap hosted VPS to handle your outbound mail? If that's all it's doing then you don't need all that much oomph. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Individual liberties are always loopholes to absolute authority. --- 8 days until the 65th anniversary of VE day
Re: [OT] was SORBS
Nigel Frankcom wrote: We're on a BT only exchange here so it's them or nothing, Really? Over ten years ago when I lived in the UK, my first provider was Nildram, I'm sure they didn't run the local exchange. Same here in Switzerland - most of the fibre and copper belongs to Swisscom, then Sunrise and Cablecom, but there are many companies who will sell you the connectivity based on a resale of the copper/fibre. /Per Jessen, Zürich
Re: [OT] was SORBS
corpus.defero wrote: 2. No mail server rejects based on SORBS. It rejected where admins choose to implement SORBS at an SMTP level. Same thing. /Per Jessen, Zürich
Re: [OT] was SORBS
On Fri, 2010-04-30 at 21:09 +0200, Per Jessen wrote: corpus.defero wrote: 2. No mail server rejects based on SORBS. It rejected where admins choose to implement SORBS at an SMTP level. Same thing. /Per Jessen, Zürich Key point is the admin has made a choice and is aware of that. On the other hand they may be using SORBS in SA as part of a score shifter - nothing more. The OP can ask the recipient to whitelist his IP if he has a trading relationship with them. If not, then chances are his mail is unsolicited regardless of his SORBS listing. It's just a point of view - nothing more.
IP reputation data collection protocol
We at Roaring Penguin Software have built a system to collect IP reputation information. We'd like to collaborate on an open standard, lightweight protocol for reporting and collecting this information. Our current implementation has been in active use for a while now, so we feel it's a stable enough starting point for community discussion. If anyone in the SpamAssassin community is interested in taking a look, we have an internet draft available for comments, as well as a mailing list for further discussion. Please see http://www.mimedefang.org/reputation for details. If you're interested in discussing it, or collaborating, we'd like if it you would join the mailing list (see above URL) so that we can try and keep the discussion all in one place. Cheers, Dave -- Dave O'Neill d...@roaringpenguin.comRoaring Penguin Software Inc. +1 (613) 231-6599http://www.roaringpenguin.com/ For CanIt technical support, please mail: supp...@roaringpenguin.com
Re: [OT] was SORBS
corpus.defero wrote: On Fri, 2010-04-30 at 21:09 +0200, Per Jessen wrote: corpus.defero wrote: 2. No mail server rejects based on SORBS. It rejected where admins choose to implement SORBS at an SMTP level. Same thing. /Per Jessen, Zürich Key point is the admin has made a choice and is aware of that. Agree. /Per Jessen, Zürich