Hi Rik
You may to have a look at "Vipul's Razor" Specifically: (from: <http://razor.sourceforge.net/docs/whatsnew.php> feature #8) ---- Truth Evaluation System (TeS) Razor v2 has a transparent, back-end component known as TeS. TeS is a combination of a reputation system and pattern recognition heuristics that assigns trust to reporters and confidence values (between 0-100) to every signature. Users can set an acceptable confidence level in their Razor configuration. The server also publishes a recommended confidence level. TeS has been designed to eliminate false positives of legit bulk email that were occasionally generated by bad reports in Razor v1. ---- General overview: <http://razor.sourceforge.net/> --- May 16,2003 - Razor-agents 2.36 released! The release of Vipul's Razor v2.36 is now available for public download. The software is comprised of two source packages, razor-agents and razor-agents-sdk that can be downloaded by following these links: * razor-agents-sdk-2.03 * razor-agents-2.36 What is Vipul's Razor? Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures. -- Rafi ## On 2003-09-27 12:04 -0400 Rik van Riel typed: RvR> RvR> On Thu, 25 Sep 2003, Stewart, William C (Bill), RTSLS wrote: RvR> RvR> > Distributing an RBL list is the easy part. RvR> RvR> Why stop there ? RvR> RvR> The generating of the list itself can be a P2P thing too. RvR> RvR> You could peer with a group of people you trust and exchange the RvR> list of IP addresses that send crap into each other's spamtraps. RvR> RvR> Then block IP addresses that have sent crap (measured by SA?) into RvR> the spamtraps of multiple people, or come up with other nice metrics. RvR> RvR> I'm sure you can come up with all kinds of tricks here. RvR> RvR> I started a project with this goal a while ago, but to my shame it RvR> still hasn't moved beyond the "spamtrap fed blocklist" stage yet, RvR> we simply haven't gotten around to writing the p2p parts yet. ;( RvR> RvR> I'd appreciate help though ;) RvR> RvR> http://spamikaze.nl.linux.org/ RvR> RvR> Rik RvR>
