Re: [mailop] New method of blocking spam

[Yiorgos Adamopoulos]

On Fri, Jan 22, 2016 at 3:23 AM, Michelle Sullivan  wrote:
> If you're doing it just on the subject, ok I'll go with that..

There's an MSc Thesis by Chris Kopsidas (then a student at the
University of Athens, back in 2012) where we worked explicitly on
subject lines of spams that went past SpamAssassin, RBLs and a few
other filters. I thought at the time that since a Subject line is
considerably smaller than most message bodies, trying to infer spam or
ham based on the subject would be faster than checking the whole
message.

I never really got it to production since I had more pressing problems
to deal with, but if anyone is interested, I can put you in contact
with both the guy that implemented the idea and his (then) supervisor.

-- 
"If technology is your thing plan to die reading manuals" --Gene Woolsey

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Ted Cooper]

On 25/01/16 08:57, Dave Warren wrote:
> Bayes is good at categorizing mail, but I don't think "Trying to sell
> something" is necessarily even a spam-sign, lots of legitimate and
> desired mail is trying to sell me something too. At the same time,
> everything I've read about this new method seems to be a slightly
> modified bayes approach (with the twist of taking word pairs or triplets
> into account) and I doubt it will be a real game changer, although it
> may result in some new ways to tune bayes to increase effectiveness.

There's nothing new about the twist - They're called Hapax legomenon,
and it's been built into Spam Assassin for a while - earliest quick
reference I can see is 2007. It's enabled by default. DSPAM also
includes this ability. Token combinations (2-3 word hapax) are also an
option for some program out there, but the instance eludes me at
present. This is probably why no one is jumping up and down with joy at
this FUSSP - we're all already using it.

http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html
> bayes_use_hapaxes (default: 1)
> Should the Bayesian classifier use hapaxes (words/tokens that occur only 
> once) when classifying? This produces significantly better hit-rates.



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[John Levine]

>While all of that is true, IF his claims were true (an idea could 
>magically detect any spam trying to sell you something) would you walk 
>away from a magic pill that completely and perfectly identified one 
>particular type of spam and didn't hit any ham?

Yeah, because the next day the spammers would figure out how to
circumvent it.

>modified bayes approach (with the twist of taking word pairs or triplets 
>into account) and I doubt it will be a real game changer, although it 
>may result in some new ways to tune bayes to increase effectiveness.

There's nothing new about looking at multiple words.  Check out my
Twitter feed at https://twitter.com/svictest which estimates
probablilites of four-word phrases in a bunch of RSS feeds I follow
and uses them to come up with, ah, oracular statements.

R's,
John

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Dave Warren]

On 2016-01-22 19:24, John R Levine wrote:

What get's spammers caught is that eventually they
have to sell you something


Gee, did we drop through a wormhole into 1998 or something?


He's missing a few somethings.
Spammers might not be trying to sell you something.


No kidding.  The classic example is pump and dump, where they're 
trying to get you to call your own stockbroker to buy the stock 
they're touting, with no direct contact at all with the spammer.


Even with stuff like drug spam, the number of throwaway domains and 
redirections between the spam and the payload site is likely to be 
somewhat higher than someone might expect.  A *lot* higher.


While all of that is true, IF his claims were true (an idea could 
magically detect any spam trying to sell you something) would you walk 
away from a magic pill that completely and perfectly identified one 
particular type of spam and didn't hit any ham?


I don't think that this solution is that, but spam filtering has always 
been about multiple layers and approaches, some of which will excel for 
different types of spam, and combining the results of multiple filters 
and rulesets has, in my experience, always worked better than any one 
single approach.


Bayes is good at categorizing mail, but I don't think "Trying to sell 
something" is necessarily even a spam-sign, lots of legitimate and 
desired mail is trying to sell me something too. At the same time, 
everything I've read about this new method seems to be a slightly 
modified bayes approach (with the twist of taking word pairs or triplets 
into account) and I doubt it will be a real game changer, although it 
may result in some new ways to tune bayes to increase effectiveness.



--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[John Levine]

> What get's spammers caught is that eventually they 
>have to sell you something

Gee, did we drop through a wormhole into 1998 or something?

R's,
John

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[David Hofstee]

>... What get's spammers caught is that eventually they have to sell you 
>something 

That includes all of my legitimate customers... If you want I can get you some 
legitimate subject lines :-).

A few points:
- There is a difference between 'real' companies that do stupid/illegal things 
and 'criminal groups' (who run their operation outside of the law, therefore 
all their email is spam). How do you detect the difference?
- For 'real' companies: How do you 'prove' a relationship between the sender 
and recipient for a certain part of content? Example: There might be a 
legitimate relationship between a company and a customer. Company has a crazy 
idea and wants to start emailing its normal newsletter to everyone, with or 
without optin. It has now sent, the same email, to two groups. For the first 
group it is spam, for the second it is ham. 
- I have seen a lot of normal emails being abused by phishing. They basically 
copy 'everything' and put one bad link in it. The only difference is that they 
'sell a little harder' (get a free iPad) or 'create a little bit more fear' 
(you internet will be shut down) than in normal emails that we send. The line 
that you are trying to detect is very thin. But this refers to point #1, 
basically. 

Regarding point #1: I think that Google and MS are doing a good job in 
'wanting' authentication from 'real' companies. I wish they would publish an 
official statement saying that non-authenticated emails get spamfiltered for 
X-points at date X1 and Y-points a few months later, etc etc. 

Met vriendelijke groet,


David Hofstee

Deliverability Management
MailPlus B.V. Netherlands



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Simon Lyall]

On Thu, 21 Jan 2016, Marc Perkel wrote:
Here is a list of 3494938 words and phrases used in the subject line of 
SPAM and never seen in the subject line of HAM


http://www.junkemailfilter.com/data/subject-spam.txt


Well besides all the other objections, I can see all sort of bugs in that 
corpus, eg I search for words that might be in my emails but probably are 
not in yours and got the list below.


Now obviously the main contact you have with Australia and New Zealand is 
people spamming for Ugg Boots and Herbal pills but other people have a 
different profile. Hence all the warnings you find about re-using other 
people's Bayes databases.


auckland, new zealand
new zealand tour
new zealand high
let new zealand
your trusted australian
we offer australian
we sell australian
west australia
trusted australian
true australian
top-quality australian
australia order
australian approved
australian internet
australian manufacturer
australian medicine
australian new zealand
australian original
authentic australian
best australian
books australia
buy australian
in sydney australia
law australia
made in australia
official australian
online australian
the australia
zealand tour
sydney 2016
sydney is
simon the
simon.
new method to



--
Simon Lyall  |  Very Busy  |  Web: http://www.simonlyall.com/
"To stay awake all night adds a day to your life" - Stilgar


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Brielle Bruns]

On 1/21/16 1:45 PM, Marc Perkel wrote:

Just to follow up on this. I'm in the process of improving the filter.
But I have filed my provisional patent so i'm going to give you an
overview of how it works.




As someone who has been involved in spam fighting stuff since 1999 or 
so, hate to burst any kind of magical bubbles, but "been there, done that".


Been doing whitelisting/blacklisting/scoring based on subject lines 
since 2003 or so using SpamAssassin.  Not a new or particularly novel 
idea at all.  Hell, there's whole multi-megabyte .cf files you can grab 
for SA that help with that kind of scoring.


I'm trying to find that checklist that the spam fighting regulars used 
to post whenever someone is all excited about their end-game to spam 
filtering...   Anyone remember a URL for it?



SpamAssassin has been around since...  1997 I think in some form?  You 
might be facing your patent being invalidated by prior art, unless you 
have some magic thing your doing that isn't what SA and other programs 
have been doing since the 90s in some manner.



--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Brielle Bruns]

On 1/22/16 9:24 AM, Neil Jenkins wrote:

On Fri, 22 Jan 2016, at 11:01 AM, Brielle Bruns wrote:

I'm trying to find that checklist that the spam fighting regulars used
to post whenever someone is all excited about their end-game to spam
filtering...   Anyone remember a URL for it?


http://craphound.com/spamsolutions.txt I presume.



Yes!  Thank you.  I haven't had my coffee yet.  :D


--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Carl Byington]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Fri, 2016-01-22 at 09:01 -0700, Brielle Bruns wrote:
> I'm trying to find that checklist that the spam fighting regulars used
> to post whenever someone is all excited about their end-game to spam
> filtering...   Anyone remember a URL for it?

Possibly http://www.rhyolite.com/anti-spam/you-might-be.html


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlaiXKkACgkQL6j7milTFsHTzwCdHU0iBh6xx8p43FPz/KCvpWpg
G68An39MhXIHXtzJWjmf9iVZR2WUD9K0
=OiDq
-END PGP SIGNATURE-



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Neil Jenkins]

On Fri, 22 Jan 2016, at 11:01 AM, Brielle Bruns wrote:
> I'm trying to find that checklist that the spam fighting regulars used
> to post whenever someone is all excited about their end-game to spam
> filtering...   Anyone remember a URL for it?

http://craphound.com/spamsolutions.txt I presume.

Neil.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[John R Levine]

What get's spammers caught is that eventually they
have to sell you something


Gee, did we drop through a wormhole into 1998 or something?


He's missing a few somethings.
Spammers might not be trying to sell you something.


No kidding.  The classic example is pump and dump, where they're trying to 
get you to call your own stockbroker to buy the stock they're touting, 
with no direct contact at all with the spammer.


Even with stuff like drug spam, the number of throwaway domains and 
redirections between the spam and the payload site is likely to be 
somewhat higher than someone might expect.  A *lot* higher.


Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Anne Mitchell]

> Here is a list of 5505874 words and phrases used in the subject line of HAM 
> and never seen in the subject line of SPAM
> 
> http://www.junkemailfilter.com/data/subject-ham.txt

Well, until the spammers spider the site, get the list, and incorporate the 
subject lines.

What's to stop spammers from simply adding (as an example) 'let's get dinner' 
to their subject line, and then how does the filter address that?

Anne

Anne P. Mitchell, 
Attorney at Law
CEO/President, 
SuretyMail Email Reputation Certification
Is Email You Send Being Junked? Get to the Inbox Using Your Own Mail System!
http://www.SuretyMail.com/
http://www.SuretyMail.eu/

"Email marketing is the one place where it's better to ask permission than 
forgiveness." - Me

Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Member, California Bar Cyberspace Law Committee
Member, Colorado Cybersecurity Consortium
Ret. Professor of Law, Lincoln Law School of San Jose
303-731-2121 | amitch...@isipp.com | @AnnePMitchell
Facebook/AnnePMitchell  | LinkedIn/in/annemitchell


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Mark Jeftovic]

Wouldn't spammers simply download this list and start using them in spam?

Even absent the list, knowing the methodology is enough to start
countering it.

- mark


On 2016-01-21 3:45 PM, Marc Perkel wrote:
> Just to follow up on this. I'm in the process of improving the filter.
> But I have filed my provisional patent so i'm going to give you an
> overview of how it works.
> 
> Most spam filters work by matching things. Matching ham and spam.
> Matching rules. The important point here in this is this new system I'm
> calling the Evolution filter is about NOT matching.
> 
> Suppose I sent you an email with the subject line "Let's get dinner".
> You can tell instantly this is good email. How? Because spammers never
> say "Let's get dinner".
> 
> There are millions of phrases used in good email every day that are
> never used in spam. And - there are millions of phrases used everyday in
> spam that are never used in good email. So if I get an email that
> matches phrases used in good email and never used in spam - it's a good
> message. And if the messages contains words and phrases used in spam and
> never used in ham - it's spam.
> 
> So - how do I get a list of all phrases never used in ham or never used
> in spam? I make a list of all words and phrases used in ham and spam and
> test to see if it's NOT in the list. To illustrate my point,
> 
> Here is a list of 5505874 words and phrases used in the subject line of
> HAM and never seen in the subject line of SPAM
> 
> http://www.junkemailfilter.com/data/subject-ham.txt
> 
> Here is a list of 3494938 words and phrases used in the subject line of
> SPAM and never seen in the subject line of HAM
> 
> http://www.junkemailfilter.com/data/subject-spam.txt
> 
> The thing about not matching is that matching involves finite sets. Not
> matching involves infinite sets. And infinite sets are always bigger
> than finite sets.
> 
> Here in a link to my patent.
> 
> http://www.junkemailfilter.com/patent/
> 
> What I intend to do is to give it away to the little guys and charge the
> big guys a small license fee. The process of implementing this is fairly
> easy. I'm hoping to encourage the open source world to take this idea
> and do it right. My code it cobbled together and uses 4 different
> languages. But the concept is enough to get you going.
> 
> One thing you will need to implement this is Redis. Redis is extremely
> fast at set comparisons and set comparisons is how this works. It's can
> be expressed as one formula.
> 
> score = card(SpamCorpus intersect TestMessage diff HamCorpus) -
> card(HamCorpus intersect TestMessage diff SpamCorpus)
> 
> I'm seeing an accuracy level that is so close to 100% it's scary. It is
> especially good at actively identifying good email to prevent false
> positives.
> 
> I will post more soon as it all comes together.
> 
> 
> 
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

-- 
Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc.
Company Website: http://easydns.com
Read my blog: http://markable.com
+1-416-535-8672 ext 225

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Marc Perkel]

On 01/21/16 13:12, Anne Mitchell wrote:

Here is a list of 5505874 words and phrases used in the subject line of HAM and 
never seen in the subject line of SPAM

http://www.junkemailfilter.com/data/subject-ham.txt

Well, until the spammers spider the site, get the list, and incorporate the 
subject lines.

What's to stop spammers from simply adding (as an example) 'let's get dinner' 
to their subject line, and then how does the filter address that?



I match a lot of different attributes. So one faked match isn't likely 
to work for them. What get's spammers caught is that eventually they 
have to sell you something because they want you to do something and 
they have to convince you. So that's what gets them caught.


But - the most important thing about this new method is that it is even 
better at identifying ham. So good email doesn't get blocked.



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Marc Perkel]

Because it works on NOT matching instead of matching they don't get the 
same advantages as matching systems. If they try to fake one of those 
subjects it only helps them pass one of hundreds of tests. So at best 
their fake will make an opportunity to detect ham become neutral on the 
phrase.


Poisoning doesn't work against my system. Misspelling makes it easier to 
identify spammers. And eventually the spammer has to convince you to do 
something and that's where they get caught.



On 01/21/16 13:17, Mark Jeftovic wrote:

Wouldn't spammers simply download this list and start using them in spam?

Even absent the list, knowing the methodology is enough to start
countering it.

- mark


On 2016-01-21 3:45 PM, Marc Perkel wrote:

Just to follow up on this. I'm in the process of improving the filter.
But I have filed my provisional patent so i'm going to give you an
overview of how it works.

Most spam filters work by matching things. Matching ham and spam.
Matching rules. The important point here in this is this new system I'm
calling the Evolution filter is about NOT matching.

Suppose I sent you an email with the subject line "Let's get dinner".
You can tell instantly this is good email. How? Because spammers never
say "Let's get dinner".

There are millions of phrases used in good email every day that are
never used in spam. And - there are millions of phrases used everyday in
spam that are never used in good email. So if I get an email that
matches phrases used in good email and never used in spam - it's a good
message. And if the messages contains words and phrases used in spam and
never used in ham - it's spam.

So - how do I get a list of all phrases never used in ham or never used
in spam? I make a list of all words and phrases used in ham and spam and
test to see if it's NOT in the list. To illustrate my point,

Here is a list of 5505874 words and phrases used in the subject line of
HAM and never seen in the subject line of SPAM

http://www.junkemailfilter.com/data/subject-ham.txt

Here is a list of 3494938 words and phrases used in the subject line of
SPAM and never seen in the subject line of HAM

http://www.junkemailfilter.com/data/subject-spam.txt

The thing about not matching is that matching involves finite sets. Not
matching involves infinite sets. And infinite sets are always bigger
than finite sets.

Here in a link to my patent.

http://www.junkemailfilter.com/patent/

What I intend to do is to give it away to the little guys and charge the
big guys a small license fee. The process of implementing this is fairly
easy. I'm hoping to encourage the open source world to take this idea
and do it right. My code it cobbled together and uses 4 different
languages. But the concept is enough to get you going.

One thing you will need to implement this is Redis. Redis is extremely
fast at set comparisons and set comparisons is how this works. It's can
be expressed as one formula.

score = card(SpamCorpus intersect TestMessage diff HamCorpus) -
card(HamCorpus intersect TestMessage diff SpamCorpus)

I'm seeing an accuracy level that is so close to 100% it's scary. It is
especially good at actively identifying good email to prevent false
positives.

I will post more soon as it all comes together.




___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop


--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[TR Shaw]

Sounds like just another derivative of a scoring system like SA, ASSP, etc.

> On Jan 21, 2016, at 4:27 PM, Marc Perkel  wrote:
> 
> Because it works on NOT matching instead of matching they don't get the same 
> advantages as matching systems. If they try to fake one of those subjects it 
> only helps them pass one of hundreds of tests. So at best their fake will 
> make an opportunity to detect ham become neutral on the phrase.
> 
> Poisoning doesn't work against my system. Misspelling makes it easier to 
> identify spammers. And eventually the spammer has to convince you to do 
> something and that's where they get caught.
> 
> 
> On 01/21/16 13:17, Mark Jeftovic wrote:
>> Wouldn't spammers simply download this list and start using them in spam?
>> 
>> Even absent the list, knowing the methodology is enough to start
>> countering it.
>> 
>> - mark
>> 
>> 
>> On 2016-01-21 3:45 PM, Marc Perkel wrote:
>>> Just to follow up on this. I'm in the process of improving the filter.
>>> But I have filed my provisional patent so i'm going to give you an
>>> overview of how it works.
>>> 
>>> Most spam filters work by matching things. Matching ham and spam.
>>> Matching rules. The important point here in this is this new system I'm
>>> calling the Evolution filter is about NOT matching.
>>> 
>>> Suppose I sent you an email with the subject line "Let's get dinner".
>>> You can tell instantly this is good email. How? Because spammers never
>>> say "Let's get dinner".
>>> 
>>> There are millions of phrases used in good email every day that are
>>> never used in spam. And - there are millions of phrases used everyday in
>>> spam that are never used in good email. So if I get an email that
>>> matches phrases used in good email and never used in spam - it's a good
>>> message. And if the messages contains words and phrases used in spam and
>>> never used in ham - it's spam.
>>> 
>>> So - how do I get a list of all phrases never used in ham or never used
>>> in spam? I make a list of all words and phrases used in ham and spam and
>>> test to see if it's NOT in the list. To illustrate my point,
>>> 
>>> Here is a list of 5505874 words and phrases used in the subject line of
>>> HAM and never seen in the subject line of SPAM
>>> 
>>> http://www.junkemailfilter.com/data/subject-ham.txt
>>> 
>>> Here is a list of 3494938 words and phrases used in the subject line of
>>> SPAM and never seen in the subject line of HAM
>>> 
>>> http://www.junkemailfilter.com/data/subject-spam.txt
>>> 
>>> The thing about not matching is that matching involves finite sets. Not
>>> matching involves infinite sets. And infinite sets are always bigger
>>> than finite sets.
>>> 
>>> Here in a link to my patent.
>>> 
>>> http://www.junkemailfilter.com/patent/
>>> 
>>> What I intend to do is to give it away to the little guys and charge the
>>> big guys a small license fee. The process of implementing this is fairly
>>> easy. I'm hoping to encourage the open source world to take this idea
>>> and do it right. My code it cobbled together and uses 4 different
>>> languages. But the concept is enough to get you going.
>>> 
>>> One thing you will need to implement this is Redis. Redis is extremely
>>> fast at set comparisons and set comparisons is how this works. It's can
>>> be expressed as one formula.
>>> 
>>> score = card(SpamCorpus intersect TestMessage diff HamCorpus) -
>>> card(HamCorpus intersect TestMessage diff SpamCorpus)
>>> 
>>> I'm seeing an accuracy level that is so close to 100% it's scary. It is
>>> especially good at actively identifying good email to prevent false
>>> positives.
>>> 
>>> I will post more soon as it all comes together.
>>> 
>>> 
>>> 
>>> 
>>> ___
>>> mailop mailing list
>>> mailop@mailop.org
>>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> 
> -- 
> Marc Perkel - Sales/Support
> supp...@junkemailfilter.com 
> http://www.junkemailfilter.com 
> Junk Email Filter dot com
> 415-992-3400
> 
> 
> ___
> mailop mailing list
> mailop@mailop.org 
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop 
> 
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Michelle Sullivan]

Marc Perkel wrote:
> Because it works on NOT matching instead of matching they don't get
> the same advantages as matching systems. If they try to fake one of
> those subjects it only helps them pass one of hundreds of tests. So at
> best their fake will make an opportunity to detect ham become neutral
> on the phrase.
>
> Poisoning doesn't work against my system. Misspelling makes it easier
> to identify spammers. And eventually the spammer has to convince you
> to do something and that's where they get caught.
>
>


If you're doing it just on the subject, ok I'll go with that..

If you're doing it on the body you're probably working against prior art
of a 2004 patent.

Regards,

Michelle

-- 
Michelle Sullivan
http://www.mhix.org/


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Marc Perkel]

On 01/21/16 17:23, Michelle Sullivan wrote:

Marc Perkel wrote:

Because it works on NOT matching instead of matching they don't get
the same advantages as matching systems. If they try to fake one of
those subjects it only helps them pass one of hundreds of tests. So at
best their fake will make an opportunity to detect ham become neutral
on the phrase.

Poisoning doesn't work against my system. Misspelling makes it easier
to identify spammers. And eventually the spammer has to convince you
to do something and that's where they get caught.




If you're doing it just on the subject, ok I'll go with that..

If you're doing it on the body you're probably working against prior art
of a 2004 patent.

Regards,

Michelle



OK - which patent is that? I'm doing it against the first part of the 
body, the text in links, the name part of the from address, the php 
script references, the header structure, and behavioral flags.



--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Michelle Sullivan]

Marc Perkel wrote:
>
> On 01/21/16 17:23, Michelle Sullivan wrote:
>> Marc Perkel wrote:
>>> Because it works on NOT matching instead of matching they don't get
>>> the same advantages as matching systems. If they try to fake one of
>>> those subjects it only helps them pass one of hundreds of tests. So at
>>> best their fake will make an opportunity to detect ham become neutral
>>> on the phrase.
>>>
>>> Poisoning doesn't work against my system. Misspelling makes it easier
>>> to identify spammers. And eventually the spammer has to convince you
>>> to do something and that's where they get caught.
>>>
>>>
>>
>> If you're doing it just on the subject, ok I'll go with that..
>>
>> If you're doing it on the body you're probably working against prior art
>> of a 2004 patent.
>>
>> Regards,
>>
>> Michelle
>>
>
> OK - which patent is that? I'm doing it against the first part of the
> body, the text in links, the name part of the from address, the php
> script references, the header structure, and behavioral flags.
>
>
Oh God only knows... but back in 2004, I (with 2 others) developed a
system to detect real emails based solely on the body of the message,
and to reject everything else as spam...

It was 99.996% efficient on *english* mailboxes (we only tested it
against english mailboxes) ... I know a patent was applied for, I don't
know if it was granted...  If it wasn't granted it was because of prior
art... if it was granted you may be using prior art granted to me an 2
others... from what I recall it may not have been granted because of
about 20 patents that Microsoft were granted  Either way looking for
'not spam' was something I suggested and developed way back in 2004... 
The 'SORBS Spam Firewall' was something that took the concept
spamfilters and flipped it on its head with the thought... forget
looking for spam because spammers will keep trying to evade filters, and
look for real email ... because real email doesn't try to change/evolve
and avoid...

And here's a link to the PR...
http://117.53.167.71/asia/radio/onairhighlights/revolutionary-spam-firewall
and as a matter of interest (especially when re-reading what I said)...
when dealing with companies that want to fund to make money and don't
actually care about a product...  forget timelines... Uniquest sat on it
and killed it because they didn't want to make anything but a 'quick
buck' (as a matter of interest i still have the code and still run it
using the original trained set.. and it's still >87% correct (not bad at
>10 years I think.)

Regards,

Michelle

-- 
Michelle Sullivan
http://www.mhix.org/


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] New method of blocking spam

[Marc Perkel]

On 01/21/16 18:27, Michelle Sullivan wrote:

Marc Perkel wrote:

On 01/21/16 17:23, Michelle Sullivan wrote:

Marc Perkel wrote:

Because it works on NOT matching instead of matching they don't get
the same advantages as matching systems. If they try to fake one of
those subjects it only helps them pass one of hundreds of tests. So at
best their fake will make an opportunity to detect ham become neutral
on the phrase.

Poisoning doesn't work against my system. Misspelling makes it easier
to identify spammers. And eventually the spammer has to convince you
to do something and that's where they get caught.



If you're doing it just on the subject, ok I'll go with that..

If you're doing it on the body you're probably working against prior art
of a 2004 patent.

Regards,

Michelle


OK - which patent is that? I'm doing it against the first part of the
body, the text in links, the name part of the from address, the php
script references, the header structure, and behavioral flags.



Oh God only knows... but back in 2004, I (with 2 others) developed a
system to detect real emails based solely on the body of the message,
and to reject everything else as spam...

It was 99.996% efficient on *english* mailboxes (we only tested it
against english mailboxes) ... I know a patent was applied for, I don't
know if it was granted...  If it wasn't granted it was because of prior
art... if it was granted you may be using prior art granted to me an 2
others... from what I recall it may not have been granted because of
about 20 patents that Microsoft were granted  Either way looking for
'not spam' was something I suggested and developed way back in 2004...
The 'SORBS Spam Firewall' was something that took the concept
spamfilters and flipped it on its head with the thought... forget
looking for spam because spammers will keep trying to evade filters, and
look for real email ... because real email doesn't try to change/evolve
and avoid...

And here's a link to the PR...
http://117.53.167.71/asia/radio/onairhighlights/revolutionary-spam-firewall
and as a matter of interest (especially when re-reading what I said)...
when dealing with companies that want to fund to make money and don't
actually care about a product...  forget timelines... Uniquest sat on it
and killed it because they didn't want to make anything but a 'quick
buck' (as a matter of interest i still have the code and still run it
using the original trained set.. and it's still >87% correct (not bad at


I read the article and it didn't say anything other than it was 
horendlessly complicated. So whatever they are doing it's not what I'm 
doing because mine is dirt simple. I described it in a formula that fits 
on one line.


card(Test intersect Spam diff Ham) - card(Test Intersect Ham diff Spam)

--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop