Vernon Schryver <[EMAIL PROTECTED]> wrote: > > Concerning false positives for this mailing list--it would be wise to > define what mail is legitimate. In many places, you must accept at > least 99.9% of all even remotely legitimate mail. However, this context > is different. Here a boolean "good/spam" is simplistic and wrong. > Instead we have a spectrum: > > 1. on-topic messages from subscribers > 2. on-topic messages from non-subscribers > 3. noise from subscribers > 4. noise from non-subscribers > 5. pure spam such as advertisements for loan sharks
Agreed that these categories exist. Alas, we cannot necessarily tell them apart. :^( > In this list, only #1 is clearly "good." I'd greatly prefer to avoid flame-wars about how much difference there is between #1 and #2... Personally, I consider the question pointless because we don't have any dependable way to tell them apart. Please realize how trivially easy it is to harvest poster addresses from archives and forge those as From addresses. > It is good to avoid rejecting #2, but there is surely no harm in > sometimes delaying #2. I do not agree that there is "surely no harm". (But I'd _really_ rather not argue that question.) > If the senders of any rejected or "false positive" #2 received an > informative non-delivery report so that they could retransmit, what > would be the harm? I _won't_ discuss the possible harm... But Vernon's point that a prompt non-delivery report minimizes the possible harm is an excellent one. > SpamAssassin is reported to be better than 60% accurate. #2 is surely > rare compared to #1. Thus, as long as SpamAssassin white-lists all > subscribers, there would be no harm in the occasional rejection of #2. This is where I must disagree. Whitelisting something as easily forged as the From address is simply wrong -- and if it is published rule, we're sure to see spammers forging whitelisted From addresses as their standard operating practice. If, OTOH, Vernon would like to whitelist the combination of From address and IP address of the sending SMTP server, that could be a very worthwhile practice, virtually immune to spammer forging. -- John Leslie <[EMAIL PROTECTED]>
