-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Duncan Findlay writes: > On Wed, Jan 14, 2004 at 01:26:31PM -0500, Theo Van Dinter wrote: > > On Wed, Jan 14, 2004 at 01:10:18PM -0500, Duncan Findlay wrote: > > > Is there a fix for all the bayes poison stuff in 2.62? That's my biggest > > > issue right now with 2.61. > > > > Not really, there's no fix for it in 2.70 either. Invisible text and > > html/text differences are (relatively) easy to pick out, but most of > > the bayes poisoning stuff I've seen is just random visible valid words > > in mail, typically at the end. > > > > I can't think of any rule that would pick up on that as a trick unless > > we put in full language parsing. > > Usually it's after the </html>. And often three lines in the text > part, usually longer words, rarely words like a or the, etc. > > I'm not really sure why these mails seem to not get hit -- the bayes > poisoning stuff should have no effect, but they do -- I think they're > pretty carefully crafted. We *could* backport some rules from 2.70 CVS -- the NETIP rules and the one that detects bayes-poison formatting are working very well for me, and I'm catching all those spams again. (I use autolearning only, and some of these were getting through despite Bayes because I hadn't retrained on them, so I threw some 70_cvs rules into my local.cf.) If we do this, I suggest we *don't* do a GA run; just estimate a rough score from a few mass-checks. (a GA run is too much overhead for ~5 added rules.) PS: I know a GA run would be preferable -- but we need a way to react more quickly for this kind of situation, which will always arise, and hardline rules can be bent slightly now and again IMO. ;) - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Exmh CVS iD8DBQFABZ6wQTcbUG5Y7woRAknfAKCa3HCo0mkK0qDsJrkXhlgdOyRcWACg4HY7 9BOx2S7S2dTl1xdJjlzOl34= =yMAB -----END PGP SIGNATURE-----
