I use my whitelist and bayesian matchers/mailets in the following way:
1) I have the WhiteListManager process every mail, in order to
automatically collect the fact that, if I send a mail to someone, he
should be in my personal whitelist because is a legitimate mail
correspondent of mine. Moreover the mailet manages explicit inserts and
deletes of addresses in my personal whitelist.
2) The BayesianAnalysis mailet determines the "spammity" probability of
the email.
3) If such probability is higher than or equal to 99%, *and the sender
is not in the whitelist* (and oviously is not SmtpAuthenticated), I have
a special "spam treatment" done to the email: for certain users (like
myself) the email is ghosted after being stored in a "spam" folder just
in case.
So the whitelist is used to very effectively reduce the risk of spam
*false positives* coming from other methods.
If a spammer spoofs the sender address he must be *very* precise to get
through (he must know my personal email correspondents), and this would
just become a *rare* "false negative": who cares?
So I think that the whitelist techniques are useful :-)
Vincenzo
Noel J. Bergman wrote:
Easy enough to write, but please consider that it is also basically useless,
since anyone can trivially spoof the sender address, unless you also require
SMTP AUTH, in which case the whitelist becomes merely redundant.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
