On 18/12/2009 3:32 AM, Christian Brel wrote:
> On Fri, 18 Dec 2009 02:24:45 -0500
> "Daryl C. W. O'Shea" <spamassas...@dostech.ca> wrote:
> 
>> Reputation type rules (such as DNSWLs) are probably the only (or
>> certainly one of the very few) types of rules that you can weight
>> heavily negatively.  This is due to the nature of an open source
>> product (or even given enough time to game a closed source product).
>> Content based rules are very often easily beaten.  If we could have a
>> body rule that looks for "this mail is good" and assign a -20 score
>> we would. Clearly that would not work.
> 
> With the kindest of respect, I have to disagree with this.

How the following text supports your disagreement I don't know.  But
I'll agree to disagree.

> If for
> argument's sake five blocklists with no business {or other} relationship
> with Spamassassin flag an IP for spamming, then it's a good bet
> that they are correct and any perceived negativity is earned. How this
> impacts on Spamassassin is dependent on the scores set - which comes
> back to you and the developers - so the argument not only has no
> legs, it has no arms either. Consider that blocklists are often
> universally trusted to be sat on the SMTP connection level ahead of
> Spamassassin, whereas the suggestion of doing that with Habeas as a
> whitelist would be pure comedy gold :-)
> 
>> Again, find me a commercial white list that wants to be included in
>> SpamAssassin on a "free for use basis" and I'll pay for the phone call
>> to talk to them.  Seriously.
> I shake my head in utter disbelief at this comment, and I'm sure that
> Apache Sponsor Barracuda AKA 'emailreg.org' will have just pricked up
> their ears. 

So what if they do.  We'll test it and judge it on stats (not random FPs
or stories about friends who had a bad employment experience).  If it
works good it works good, if it doesn't we won't use it and they'll
understand.

>> I'm pretty sure I brought up the SA developers' *long* standing
>> principle of being as safe as possible for the majority of users by
>> erring on the side of missing spam rather than tagging ham while still
>> putting out a useful product.
> 
> It's a fair statement that in using an Antispam 'product' that blocks
> nothing and only assigns a score, the issue of having that score
> reduced in favour of a known commercial bulk mailer is undesirable.

Just so I'm clear, are you equating all commercial bulk mail to spam?  I
would disagree if that is the case.  You would likely disagree with me
and then I would agree to disagree.

> The statistics may have some interest but can be applied to show there
> is little cause to keep the rule at all if you so wish to bend it the
> other way.

I've already explained my rationale for keeping it.  It's a small trade
off to cover the unknown.  Our ham corpus is not that large.

> The key is this: I would *never* have known what HABEAS was
> if I had not seen the name in low scoring spam and asked why. It does
> not look like I'm the first to ask either.

You know, it's funny you mention it.  I've found out about some
blacklists, even ones now included in SpamAssassin, only because they
caught one-to-one personal emails (that no-one could argue were
commercial) of random people that I know (and who have inquired about
the block).

>> From the data we have from mass-checks we are erring a very small
>> amount on the side of caution by not disabling the whitelists by
>> default.
> It's a big fat favourable score to one organisation for 'erring a very
> small amount on the side of caution' don't you think? -4/-8 given the
> average 419 spam only scores 4-8 points.

Again, we agree.  We've changed it in the upcoming release and will
surely backport it when we're done getting 3.3 out.  It's been like this
for years, I don't think we need to jump like crazy to change the 3.2
updates before we've even settled on a final score.

> Forgive me but are Return Path
> pulling someone's strings here as Puppet Masters?

I really wish they would.  I sure could use the money.  In 6 or so years
of SA development I've netted me a total of... a $30 book (Thanks Dan!).
If I were to sell that book I'd be a small way towards covering this
month's costs for the sa-update mirrors I run out of my own pocket.

> If everything is open and transparent give the default user the option
> to *enable* them and score them zero, unless - of course - there is
> some kind of logical reason for these mad scoring spam assisting rules
> that favour Return Path in the default set up?

I stand firm on my opinion that our principle of safe for most users is
the logical reason for including DNSWLs.

If you like you can transparently disable the DNSWLs.

Daryl
