If you know how to explain what a, “Legitimate” message is, *BEFORE* it arrives, to a machine … I’d very much like to hear it.
Me too.
I have hand-sorted more than 1.5 million messages over the past 13 years, and there are *ALWAYS* messages that get dropped into the "don't know" category---ones where I can't tell whether it's legitimate or not.
You can't explain it to a machine because you can't even figure it out yourself 100% of the time. And your decision may vary depending on time of day, whatever you had for breakfast, what you read in the news the last week, and what your manager asked you about two weeks before.
After watching every major anti-spam engine in action, I observe that there are vast differences in the philosophy of "what is spam" from different anti-spam engineering teams. Some of these show up as knobs in the config that you can twiddle, but often it's just "this product works this way and if you don't like it, there are others to choose from."
In addition, the definition of "legitimate" has varied over time. There are few that would argue that phishing should not be trapped and blocked today, but 10 years ago what we now call "whale phishing"---one-to-one non-commercial non-bulk messages, sometimes between friends---would have gotten through every mail filter.
I'm all for better machine learning and smarter mail filter technology, but it's a long-term war with a clever and persistent enemy. Any mail security gateway product/service that doesn't have an active engineering team constantly working on explaining what a "legitimate" message is to their software will be useless in a very short period of time.
jms -- Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719 Senior Partner, Opus One Phone: +1 520 324 0494 j...@opus1.com http://www.opus1.com/jms _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
