Hello Justin, Daniel, Monday, June 21, 2004, 10:30:54 PM, you wrote:
JM> +0.9 on those proposed changes. JM> Only 1 change: I would suggest that legit bounce messages, where you (the JM> user) sends a ham (obviously ;) mail and it bounces, should be retained in JM> the ham corpus where they occur. I can see the reason for most of Daniel's suggestions, and while I think 12 months is too short a period for ham (I'd favor 18 or 24 months), I could live with that. But agreeing with Justin above, I ask why >> 4. no messages with envelope-sender of <> or <[EMAIL PROTECTED]> to >> remove bounces Ham bounces (valid bounces of ham sent from our systems) are ham, and should be in the ham corpus. Spam bounces (blind bounces of spam sent back to forged or faked from addresses) are spam, often containing the content of the spam as well as the notification. I can see that many systems may not be able to differentiate between them, and so excluding all bounces might be necessary for those, but a bounce sent to [EMAIL PROTECTED] is IMO unquestionably spam. For that matter, this applies equally well to virus notification messages sent to [EMAIL PROTECTED] -- those with the virus attached will be removed by your qualification 3, but those that just notify a forged or faked address should be blocked or flagged, and IMO by SA since there is no other viable tool I'm aware of which can do so. >> 5. no mailing list moderation administative messages since these also >> contain spam They also contain ham. If a system administrator can differentiate between them, why shouldn't the spam messages be in a spam corpus, and the ham messages in a ham corpus? Bob Menschel
