Re: Quinlan interviewed about SA

2005-03-07 Thread Jeff Chan
On Sunday, March 6, 2005, 7:45:36 AM, Eric Hall wrote:
> On 3/6/2005 3:25 AM, Matt Kettler wrote:
>> These days spamming is done via botnets
> That's already trapped by sbl+xbl.
sbl-xbl is very good, but it has not and cannot solve the zombie problem entirely. There's always a lag between zombi

Re: Quinlan interviewed about SA

2005-03-06 Thread Eric A. Hall
On 3/6/2005 3:25 AM, Matt Kettler wrote:
> These days spamming is done via botnets
That's already trapped by sbl+xbl.
> Adding TLS shouldn't slow them down much, as it's mostly a CPU hit to
> do so...
There's a lot of stuff involved, and there's lots of things to score on. Here's a couple of

Re: Quinlan interviewed about SA

2005-03-06 Thread Jeff Chan
On Sunday, March 6, 2005, 12:16:50 AM, Eric Hall wrote:
> But, compare this to something like scoring against TLS encryption
> strength. Spammers are motivated to send as fast as possible, and strong
> encryption is counter-productive to that mission (increasingly so), and
> they can't fake it beca

Re: Quinlan interviewed about SA

2005-03-06 Thread Matt Kettler
At 03:16 AM 3/6/2005, Eric A. Hall wrote: But, compare this to something like scoring against TLS encryption strength. Spammers are motivated to send as fast as possible, and strong encryption is counter-productive to that mission (increasingly so), and they can't fake it because it can be validate

Re: Quinlan interviewed about SA

2005-03-06 Thread Matt Kettler
At 02:58 AM 3/6/2005, Kelson Vibber wrote:
> Yes, my point being that rather than saying "they are not useful" we
> really ought to be working hard on finding ways to add more of them,
> because it is their volume that makes them useful (otoh, having too many
> of them, such that the bar is lowered

Re: Quinlan interviewed about SA

2005-03-06 Thread Eric A. Hall
On 3/6/2005 2:58 AM, Kelson Vibber wrote:
> A rather extreme example would be the series of rules that targeted mail
> programs that spammers rarely used -- things like Pine, Mutt, Mozilla, etc.
I know you said that this is an extreme example, but it's also a good one on a couple of different l

Re: Quinlan interviewed about SA

2005-03-06 Thread Kelson Vibber
On Saturday 05 March 2005 9:54 pm, Eric A. Hall wrote:
> Yes, my point being that rather than saying "they are not useful" we
> really ought to be working hard on finding ways to add more of them,
> because it is their volume that makes them useful (otoh, having too many
> of them, such that the ba

Re: Quinlan interviewed about SA

2005-03-06 Thread Eric A. Hall
On 3/5/2005 9:00 PM, Jeff Chan wrote:
> On Saturday, March 5, 2005, 11:24:25 AM, Eric Hall wrote:
>
>> On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
>>
>>> Quinlan: Any technique that tries to identify "good" mail without
>>> authentication backing it up, or some form of personaliz

Re: Quinlan interviewed about SA

2005-03-06 Thread Jeff Chan
On Saturday, March 5, 2005, 11:24:25 AM, Eric Hall wrote:
> On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
>> Quinlan: Any technique that tries to identify "good" mail without
>> authentication backing it up, or some form of personalized training. It
>> worked well for a while, but it'

Re: Quinlan interviewed about SA

2005-03-05 Thread Eric A. Hall
On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
> Quinlan: Any technique that tries to identify "good" mail without
> authentication backing it up, or some form of personalized training. It
> worked well for a while, but it's definitely not an effective technique
> today.
I kind of dis

Re: Quinlan interviewed about SA

2005-03-05 Thread List Mail User
>> using whitelist_from_rcvd), make a lot of sense to me. > >If some mentally deficient spammer has the stupidity to maintain an SPF >record for his spam site that is identified in black lists he probably >should get some additional Brownie Points for his stupidity, eh? > >{^_-} > Just came

Re: Quinlan interviewed about SA

2005-03-05 Thread jdow
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]> > Kelson wrote: > > jdow wrote: > > > >> Methinks there is a candidate meta rule here. SPF passes and it's in > >> certain of the BLs leads to a higher score than merely being in the BL. > > > > > > In particular, an SPF (or similar) pass will make RHS

Re: Quinlan interviewed about SA

2005-03-05 Thread Daryl C. W. O'Shea
Kelson wrote: jdow wrote: Methinks there is a candidate meta rule here. SPF passes and it's in certain of the BLs leads to a higher score than merely being in the BL. In particular, an SPF (or similar) pass will make RHSBLs (right-hand-side blacklists, for those following along) more useful. I m

Re: Quinlan interviewed about SA

2005-03-05 Thread Kelson
jdow wrote: Methinks there is a candidate meta rule here. SPF passes and it's in certain of the BLs leads to a higher score than merely being in the BL. In particular, an SPF (or similar) pass will make RHSBLs (right-hand-side blacklists, for those following along) more useful. I mean, if someone

Re: Quinlan interviewed about SA

2005-03-04 Thread jdow
From: "Kris Deugau" <[EMAIL PROTECTED]>
> The only (default) negative rules remaining are for Bayes (varies
> per-system, and often per-user), BondedSender/Habeas/HashCash (sender
> posts a bond with $company, and if they're found to have spammed, they
> lose that bond - details vary), ALL_TRUSTED

Re: Quinlan interviewed about SA

2005-03-04 Thread jdow
From: "Rob McEwen (PowerView Systems)" <[EMAIL PROTECTED]> > The reason that I ask is because I'm wondering whether whitelisting is really a good idea. It seems like every article in the world on spam filters says, "a product MUST allow for whitelisting senders or it is no good". > > However: > >

Re: Quinlan interviewed about SA

2005-03-04 Thread Jeff Chan
On Friday, March 4, 2005, 2:05:52 PM, Daniel Quinlan wrote:
> They also removed the name of the company where I work (IronPort), which
> struck me as a bit odd considering how my job allows me to do open
> source was part of the article. I think my employer deserves some kudos
> for that.
Probabl

Re: Quinlan interviewed about SA

2005-03-04 Thread Daniel Quinlan
"Rob McEwen (PowerView Systems)" <[EMAIL PROTECTED]> writes:
> Quinlan: Any technique that tries to identify "good" mail without
> authentication backing it up, or some form of personalized
> training. It worked well for a while, but it's definitely not an
> effective technique today.
Let me reph

Re: Quinlan interviewed about SA

2005-03-04 Thread Kris Deugau
"Rob McEwen (PowerView Systems)" wrote:
> Quinlan: Any technique that tries to identify "good" mail without
> authentication backing it up, or some form of personalized training.
> It worked well for a while, but it's definitely not an effective
> technique today.
>
> Is he referring to a system w

RE: Quinlan interviewed about SA

2005-03-04 Thread Rob McEwen (PowerView Systems)
Quinlan: Any technique that tries to identify "good" mail without authentication backing it up, or some form of personalized training. It worked well for a while, but it's definitely not an effective technique today. Is he referring to a system which might assume all mail is spam unless "proven"

RE: Quinlan interviewed about SA

2005-03-04 Thread Chris Santerre
>Good interview with Daniel Quinlan about SA:
>
> http://www.osdir.com/Article4419.phtml
>
>Especially:
>
>> OSDir.com: What's the most effective anti-spam technology that
>> SpamAssassin uses right now?
>>
>> Quinlan: I think network rules are the most effective single
>> technology, in partic