Hi
Bit of an unusal question but ive been getting increasing questions of
why spamassasin didnt classify an email as spam.
When I look at the mail its normally an opt-in mailing list of some
kind and therefore spamassasin is correct in not classifying it as spam.
I was on icsa's anti-spam consortium, trying to create a 'specification'
on anti-spam systems so they could certify them (quit after verizon
bought them.. )
6 hours of the first 8 hour meeting was on trying to define 'spam'
(because one of the specs was a minimum capture rate, and a maximum fp rate)
gotaa define spam first!
uce? bulk? what?
'spam is email you didn't want'.
we decided it is UNSOLICITED COMMERCIAL EMAIL.
You are right though, if this is CONFIRMED OPT-IN, then the user asked
for it, it is BULK, it might be Commercial, but it is not UNSOLICITED.
its not spam.
'OPT-OUT' (or opt-in, where someone other than user opted you in.. like
the list manager, IS SPAM)
but that doesn't solve your problem.
we tell users not to click on opt-out buttons because it confirms their
email address. unless they remember opting in :-).
I have had numerous conversations with users explaining opt-in mailing
lists are not spam - if you dont want it unsubscribe to it, however
its getting so frequent now I was wondering if anyone had created a
set of rules that would fire on the characteristics of mailling lists?
e.g. unsubscribe links in the email, CANSPAM mentioned in body etc...
use, SA has tests for lots of unsubscribe/opt./out links, but they use
them to trigger 'spam', not to try to see who is sending can spam email.
and, guess what: a fully legal, 'opt out' email list, can spam
compliant, with full physical address, unsub instructions, and truthful
subject line can still be spam if user did not opt-in themselves.
Then when someone complains ill enable the rules to stop them
bothering me.
If not ill look at writing some myself, if anyone has suggestions on
what to look for on opt-in lists please let me know.
some of the PAID reputation lists, have 'credits' for opt-in lists, look
at some of the 'nice' rules for hints.
(YMMV.. the sender is paying someone else to let their email in because
they feel it is likely going to be caught by sa otherwise)
I mentioned in an earlier email about the Freebsd SA update, DCC.
DCC goes the other way, sorta, and it will set higher scores on BULK
email (yes, even bulk email you opted in to)
If you use the build in SA credits, and offset them with the DCC bulk
scores, it still would not help you, because:
if the list owner has a good ip reputation, and your user opted in, the
ip reputation rbls would still be giving them credit.
real answer?
get smarter users!
you can make something foolproof, but not idiot proof.
ps, publish an SLA. offer accuracy SLA's on 'BUSINESS CRITICAL EMAIL',
not just email.
SA will most likely score as spam that joke your brother in law sent.
is that SPAM?
it is sure bulk, and has lots of 'cruft' in it, by the time he has
gotten it forwarded to him by 20 people.
did you want it? no.
is it COMMERCIAL? no.
is it SPAM?
heck yes, I didn't want it :-)
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com/
______________________________________________________________________
