On 15-Dec-2009, at 09:42, Charles Gregory wrote: > On Tue, 15 Dec 2009, Martin Gregorie wrote: >> Clarification: I, for one, was only proposing that the whitelisting >> plugins and rules that query external databases are removed from the >> standard ruleset and sa_update and placed in a separate library of >> optional rules. > > The 'issue' (as I see it) is that a great many servers install a 'standard' > SA 'package', quite possibly just the one that came as a 'supported' version > with their OS distro. So it is important to not simply exclude from that > 'core' SA install anything that is contentious, but to make the best possible > assessment of all rules, including whitelist rules, which will have the best > chances of catching spam with few FP's.
The trouble with that is exactly what is happening now, people getting spam through because HABEAS has a −8.0 score in the standard config. This is exactly what we want to avoid in the future. -- You've never heard of the Millennium Falcon?
