Jeff Chan <[EMAIL PROTECTED]> writes:
> Can you cite some examples of FP-prevention strategies?
1. Automated testing. We're testing URLs (web sites). That allows a
large number of strategies which could be used from each aspect of
the URL.
A record
check other blacklists
check IP owner against SBL
domain name
check name servers in other blacklists
check registrar
check age of domain (SenderBase information)
check ISP / IP block owner (SenderBase, SBL, etc.)
web content
check web site for common spam web site content (porn, drugs, credit
card forms, empty top-level page, etc.)
Any of those can also be used in concert with threshold tuning. For
example, lower thresholds if a good blacklist hits and somewhat
higher thresholds for older domains.
2. Building up a long and accurate whitelist of good URLs over time
would also help. Maybe work with places that vouch for domain's
anti-spam policies (Habeas, BondedSender, IADB) to develop longer
whitelists.
3. Using a corpus to tune results and thresholds (also whitelist
seeding).
Daniel
--
Daniel Quinlan anti-spam (SpamAssassin), Linux,
http://www.pathname.com/~quinlan/ and open source consulting
