On 30 Oct 2018, at 7:07, Cedric Knight wrote:
I'd be grateful for advice as to whether there's merit in filing these
concerns as one or more issues on Bugzilla, or for relevant
background.
I do not believe the codebase is the place to address these issues,
which are addressable in carefully created rules. Because your approach
would hide useful data patterns from rules, it is exactly the wrong way
to go about "solving" a problem with a novel flavor of spam. As John &
Kevin have noted, they have worked on the specific case of the extortion
spams in publicly available rules. I also have an ancient bundle of
rules that I've been adjusting for the modern world and existence
outside of my idiosyncratic environment (where severe FPs are
evaded/mitigated) which is promising and will be public in some way
soon.
Also, change this substantial in the core behavior of SA would be almost
certain to NOT get into 3.4.3, which will be out soon and is likely to
be dominant in production systems for some time despite the (coming
soon) 4.0 release. If this were done in code rather than in rules, it
would never be usable for sites not ready or able to go to 4.0
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
