Re: [sniffer] New RuleBot F002 Online
Pete, I would definitely like to see rules classified for what they are based on instead of the content, but certainly I don't expect to see that without a major new release. Rules such as those based phrases, IP's, domains, patterns, and viruses all have different accuracies and issues. If you were also to group them in a similar way, we could tag multiple rules for a single message so that for instance a phrase and a domain both hit on the same message. My logs show that I average 3 matches for every final result. If this becomes a plan, I would proceed very carefully since doing it in a way that could cause a lot of cross-over pollution would make comboing such things for a higher score unwise. I would in fact recommend creating something like 4 groups; 1) IP's, 2) Domains, E-mail addresses & Links, 3) Patterns (like domain patterns and obfuscation), and 4) Content. There shouldn't be any crossover of FP's in such a thing, so multiple hits would be stronger. In relation to the placement of RuleBot F002 results, I would just favor pretty much anything but the 60 and 63 groups because they are scored lower due to FP's on my system, and it has generally been said by others that this is the case on theirs as well. F002 has the appearance of being hyper-accurate, and it would help if it was placed in a group with other hyper accurate results. Even placing it in 61 (Experimental) would be preferred over 60. Thanks, Matt Pete McNeil wrote: On Friday, March 10, 2006, 3:41:00 PM, Darin wrote: DC> Totally agree. I'd like to see some separation between rules created by DC> newer rulebots and preexisting rules. That way if there becomes an issue DC> with a bot, we can turn off one group quickly and easily. There is no way to do this without completely reorganizing the result codes or defeating the competitive ranking mechanisms. If you feel strongly about it I can move these rule groups to lower numbers on your local rulebase or make some other numbering scheme - but I don't recommend it. Moving these rule groups to lower numbers would cause them to win competitions with other rules where they would normally not win. At some point in the future we might renumber the rule groups again, but I like to avoid this since there are so many folks that just don't get the message (no matter what we do to publish it) when we make changes like this and so any large scale changes tend to cause confusion for very long periods. For example: I still, on occasion, have questions about the gray-hosting group which has not existed for quite a long time. So far there has not been one FP reported on bot F002 and extremely few on F001 - the vast majority of those associated with the very first group of listings prior to the last two upgrades for the bot. _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re: Re[2]: [sniffer] New RuleBot F002 Online
Hi Pete, Don't worry about customizing our local rulebase for this. Just take this as a simple suggestion for future segregation to make it easy for new rulesets to be addressed differently in weighting schemes. Thanks for all of your efforts! Darin. - Original Message - From: "Pete McNeil" <[EMAIL PROTECTED]> To: "Darin Cox" Sent: Monday, March 13, 2006 10:23 AM Subject: Re[2]: [sniffer] New RuleBot F002 Online On Friday, March 10, 2006, 3:41:00 PM, Darin wrote: DC> Totally agree. I'd like to see some separation between rules created by DC> newer rulebots and preexisting rules. That way if there becomes an issue DC> with a bot, we can turn off one group quickly and easily. There is no way to do this without completely reorganizing the result codes or defeating the competitive ranking mechanisms. If you feel strongly about it I can move these rule groups to lower numbers on your local rulebase or make some other numbering scheme - but I don't recommend it. Moving these rule groups to lower numbers would cause them to win competitions with other rules where they would normally not win. At some point in the future we might renumber the rule groups again, but I like to avoid this since there are so many folks that just don't get the message (no matter what we do to publish it) when we make changes like this and so any large scale changes tend to cause confusion for very long periods. For example: I still, on occasion, have questions about the gray-hosting group which has not existed for quite a long time. So far there has not been one FP reported on bot F002 and extremely few on F001 - the vast majority of those associated with the very first group of listings prior to the last two upgrades for the bot. _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
Re[2]: [sniffer] New RuleBot F002 Online
On Friday, March 10, 2006, 3:41:00 PM, Darin wrote: DC> Totally agree. I'd like to see some separation between rules created by DC> newer rulebots and preexisting rules. That way if there becomes an issue DC> with a bot, we can turn off one group quickly and easily. There is no way to do this without completely reorganizing the result codes or defeating the competitive ranking mechanisms. If you feel strongly about it I can move these rule groups to lower numbers on your local rulebase or make some other numbering scheme - but I don't recommend it. Moving these rule groups to lower numbers would cause them to win competitions with other rules where they would normally not win. At some point in the future we might renumber the rule groups again, but I like to avoid this since there are so many folks that just don't get the message (no matter what we do to publish it) when we make changes like this and so any large scale changes tend to cause confusion for very long periods. For example: I still, on occasion, have questions about the gray-hosting group which has not existed for quite a long time. So far there has not been one FP reported on bot F002 and extremely few on F001 - the vast majority of those associated with the very first group of listings prior to the last two upgrades for the bot. _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
