Re: [Razor-users] Turning Razor into a censorship tool
On Fri, Feb 21, 2003 at 08:30:56PM -0800, Marc Perkel wrote: > The Razor database flagged the Electronic Frontier Foundation's > newsletter Effector as spam today and we're none too happy about that. > It seems it's to easy for legitimate email to be flagged as spam and to > prevent delivery to thousands of our subscribers. > > I'm wondering what can be done to keep this from happening in the future? Heh. This is beginning to sound a little like a rerun of a show I saw once before. Was it called "Usenet and the Cancelbots?" -- - Dan Wilder <[EMAIL PROTECTED]> Technical Manager SSC, Inc. P.O. Box 55549 Phone: 206-782-8808 Seattle, WA 98155-0549URL http://www.linuxjournal.com/ - --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
[Razor-users] Help on Razor 2 Install
Title: Help on Razor 2 Install I am doing the install for Razor v2. I was running V1 on my system prior to this install attempt. I am running RedHat 7.2 I downloaded the agents and sdk per the INSTALL help. It looks like the SDK ran perfert… with no problems. The agent part did not go as well…. Can anyone help on this one?? razor-agents-2.22 -> perl Makefile.PL Warning: prerequisite Net::DNS failed to load: Can't locate Digest/Perl/MD5.pm in @INC (@INC contains: /usr/lib/perl5/5.6.0/i386-linux /usr/lib/perl5/5.6.0 /usr/lib/perl5/site_perl/5.6.0/i386-linux /usr/lib/perl5/site_perl/5.6.0 /usr/lib/perl5/site_perl .) at /usr/lib/perl5/site_perl/5.6.0/i386-linux/Digest/MD5.pm line 20. Compilation failed in require at /usr/lib/perl5/site_perl/5.6.0/Digest/HMAC_MD5.pm line 5. BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.6.0/Digest/HMAC_MD5.pm line 5. Compilation failed in require at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/RR/TSIG.pm line 9. BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/RR/TSIG.pm line 9. Compilation failed in require at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/RR.pm line 63. BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/RR.pm line 63. Compilation failed in require at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/Packet.pm line 14. BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/Packet.pm line 14. Compilation failed in require at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/Resolver.pm line 83. BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.6.0/Net/DNS/Resolver.pm line 83. Compilation failed in require at /usr/lib/perl5/site_perl/5.6.0/Net/DNS.pm line 22. BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.6.0/Net/DNS.pm line 22. Compilation failed in require at (eval 8) line 3. Writing Makefile for Razor2::Preproc::deHTMLxs Writing Makefile for razor-agents Thanks Jim Stallings
Re: [Razor-users] Turning Razor into a censorship tool
You're missing the point. It doesn't matter how I have my own system setup to deal with spam. If I'm sending a newsletter to 30,000 people and the ISPs - who I have no control over - or the users have their system rely on the accuracy of Razor - then my newsletter gets censored because it is either blocked or it is classified in a manner that it ends up in a junk mail folder that is never read. Yesterday Razor caused the Electronic Frontier Foundation's newsletter to not reach possibly thousands of subscribing members. I want to be able to prevent this from happening in the future. How do I contact the complaining person(s) so that I can remove them from the list and make sure this doesn't happen the next time? What can I to to ensure that Razor doesn't flag EFFs newsletter as spam in the future? Michael Loftis wrote: Try not using is in razor/is not in razor as the only benchmark for spam. Also razor implements 'confidence' that can be looked at too. Any single method is going to have false positives, and false negatives. Same with any multipoint method, but if oyu look at more datapoints you're liable to be more accurate, or at the least, more conservative. --On Friday, February 21, 2003 8:30 PM -0800 Marc Perkel <[EMAIL PROTECTED]> wrote: The Razor database flagged the Electronic Frontier Foundation's newsletter Effector as spam today and we're none too happy about that. It seems it's to easy for legitimate email to be flagged as spam and to prevent delivery to thousands of our subscribers. I'm wondering what can be done to keep this from happening in the future? --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
Re: [Razor-users] Turning Razor into a censorship tool
On 2003-02-22 08:24:13 -0800, Marc Perkel wrote: > You're missing the point. It doesn't matter how I have my own system > setup to deal with spam. If I'm sending a newsletter to 30,000 people > and the ISPs - who I have no control over - or the users have their > system rely on the accuracy of Razor - then my newsletter gets censored > because it is either blocked or it is classified in a manner that it > ends up in a junk mail folder that is never read. > > Yesterday Razor caused the Electronic Frontier Foundation's newsletter > to not reach possibly thousands of subscribing members. I want to be > able to prevent this from happening in the future. You can't. Your subscribers can. > How do I contact the complaining person(s) so that I can remove them > from the list You don't. > and make sure this doesn't happen the next time? You can just hope that the "possibly thousands" of your subscribers who rely on razor will notice that your mails end up in their junk folder and will revoke them. Then the trust level of the people reporting your mails will decrease and they will stop to matter. hp -- _ | Peter J. Holzer| To a database person, |_|_) | Sysadmin WSR | every nail looks like a thumb. | | | [EMAIL PROTECTED] | __/ | http://www.hjp.at/ | -- Jamie Zawinski pgp0.pgp Description: PGP signature
Re: [Razor-users] Turning Razor into a censorship tool
The idea that there is nothing that I can do to stop our newsletter from being blacklisted by Razor is unacceptable. That would definitely be the wrong answer. Peter J. Holzer wrote: On 2003-02-22 08:24:13 -0800, Marc Perkel wrote: You're missing the point. It doesn't matter how I have my own system setup to deal with spam. If I'm sending a newsletter to 30,000 people and the ISPs - who I have no control over - or the users have their system rely on the accuracy of Razor - then my newsletter gets censored because it is either blocked or it is classified in a manner that it ends up in a junk mail folder that is never read. Yesterday Razor caused the Electronic Frontier Foundation's newsletter to not reach possibly thousands of subscribing members. I want to be able to prevent this from happening in the future. You can't. Your subscribers can. Suppose I have a malicous subscriber who falsely reports Effector as spam? How do I contact the complaining person(s) so that I can remove them from the list You don't. Unacceptable. An annonymous person can block the distribution of free speech to it's legitimate subscribing members. and make sure this doesn't happen the next time? You can just hope that the "possibly thousands" of your subscribers who rely on razor will notice that your mails end up in their junk folder and will revoke them. Then the trust level of the people reporting your mails will decrease and they will stop to matter. However - if the user pipes a lot of real spam to razor as a way of regaining trust then that would nullify that. Besides - by the time it gets revoked the delivery has already occurred and the damage is already done.
Re: [Razor-users] Turning Razor into a censorship tool
On Sat, Feb 22, 2003 at 09:35:30AM -0800, Marc Perkel wrote: > The idea that there is nothing that I can do to stop our newsletter from > being blacklisted by Razor is unacceptable. That would definitely be the > wrong answer. Actually it's very acceptable to me, if there was a way to stop being listed in razor, there would be nothing stopping the spammers from doing it as well. That's why most people use Razor as an indicator, not as a 100% guaranteed "is this spam"? But you can't control what people do. This is, again, all part of distributed spam filtering systems. You get FPs, you get malicious reports ... That's the goal of the trust system. Can a person inflate their trust then become malicious? Sure, but a truly malicious person will always find a way to accomplish their goal. TeS is meant to deal with the accidental reports and the, well, stupid people (don't want to unsubscribe, etc.) -- Randomly Generated Tagline: "Smoking kills. If you're killed, you've lost a very important part of your life." - Brooke Shields pgp0.pgp Description: PGP signature
Re: [Razor-users] Turning Razor into a censorship tool
I don't really have any authority to have this opinion, other than that I have been subscribed to this mailing list for a year and a half. But here goes. Razor is mildly dependent on people reporting spams, but it is desperately dependent on people not reporting non-spams. There is a BIG difference. If you send in real spams, ho hum, there are lots of people doing that, but thank you for your support. But if you report one non-spam incorrectly, you are pissing in the drinking water, this is a BAD BAD BAD thing. Anyone who does so should be banished, or at least severely chastised. If someone reports an e-mail that is just too obviously from an improper spamtrap or otherwise completely clueless user, their trust rating should INSTANTLY go down by about 1000 points or so. They are not participating constructively in the Razor community. They are not "playing by the rules". For whatever reason--we don't care why--they screwed up and submitted something that isn't spam. It doesn't matter how many spams that they have also accurately reported, we can do without their "help" for a long time, or perhaps forever! At least, that's my feeling about this topic. It's like that Dirty Harry movie, where there's a scene on a police firing range--you "shot a good guy". This is actually off the topic of turning Razor into a censorship tool. Sorry. People can probably figure out ways to "game" the system, we will have to keep thinking up ways to thwart that. Separate topic. This is about people reporting EFF newsletters, Dilbert newsletters, things from SourceForge, CERT virus alerts, a short list of things that might not be double-opt-in, but they are Obviously Not Spam! 99% of all spams are obviously spam! If you are in doubt as to whether it might not be a spam, then don't you dare submit it! Of course, I don't have any suggestions about how to implement the banishment idea. Perhaps Vipul and Jordan could stay up late nights looking at revokes, and pressing a "Bozo Override" button when necessary. Marco Percale wrote: The idea that there is nothing that I can do to stop our newsletter from being blacklisted by Razor is unacceptable. That would definitely be the wrong answer. Peter J. Holzer wrote: On 2003-02-22 08:24:13 -0800, Marc Perkel wrote: You're missing the point. It doesn't matter how I have my own system setup to deal with spam. If I'm sending a newsletter to 30,000 people and the ISPs - who I have no control over - or the users have their system rely on the accuracy of Razor - then my newsletter gets censored because it is either blocked or it is classified in a manner that it ends up in a junk mail folder that is never read. Yesterday Razor caused the Electronic Frontier Foundation's newsletter to not reach possibly thousands of subscribing members. I want to be able to prevent this from happening in the future. You can't. Your subscribers can. Suppose I have a malicous subscriber who falsely reports Effector as spam? How do I contact the complaining person(s) so that I can remove them from the list You don't. Unacceptable. An annonymous person can block the distribution of free speech to it's legitimate subscribing members. and make sure this doesn't happen the next time? You can just hope that the "possibly thousands" of your subscribers who rely on razor will notice that your mails end up in their junk folder and will revoke them. Then the trust level of the people reporting your mails will decrease and they will stop to matter. However - if the user pipes a lot of real spam to razor as a way of regaining trust then that would nullify that. Besides - by the time it gets revoked the delivery has already occurred and the damage is already done.
Re: [Razor-users] Turning Razor into a censorship tool
I hope you all realize that I'm bringing this up to point out flaws in the system in hopes that it will lead to a better solution to the problem. Steve Vance wrote: I don't really have any authority to have this opinion, other than that I have been subscribed to this mailing list for a year and a half. But here goes. Razor is mildly dependent on people reporting spams, but it is desperately dependent on people not reporting non-spams. There is a BIG difference. If you send in real spams, ho hum, there are lots of people doing that, but thank you for your support. But if you report one non-spam incorrectly, you are pissing in the drinking water, this is a BAD BAD BAD thing. Anyone who does so should be banished, or at least severely chastised. If someone reports an e-mail that is just too obviously from an improper spamtrap or otherwise completely clueless user, their trust rating should INSTANTLY go down by about 1000 points or so. They are not participating constructively in the Razor community. They are not "playing by the rules". For whatever reason--we don't care why--they screwed up and submitted something that isn't spam. It doesn't matter how many spams that they have also accurately reported, we can do without their "help" for a long time, or perhaps forever! At least, that's my feeling about this topic. It's like that Dirty Harry movie, where there's a scene on a police firing range--you "shot a good guy". This is actually off the topic of turning Razor into a censorship tool. Sorry. People can probably figure out ways to "game" the system, we will have to keep thinking up ways to thwart that. Separate topic. This is about people reporting EFF newsletters, Dilbert newsletters, things from SourceForge, CERT virus alerts, a short list of things that might not be double-opt-in, but they are Obviously Not Spam! 99% of all spams are obviously spam! If you are in doubt as to whether it might not be a spam, then don't you dare submit it! Of course, I don't have any suggestions about how to implement the banishment idea. Perhaps Vipul and Jordan could stay up late nights looking at revokes, and pressing a "Bozo Override" button when necessary. --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
RE: [Razor-users] Turning Razor into a censorship tool
I don't think Vipul or Jordon can look at a hash and know whether it's spam or not. Remember, it's hashes of the message body and not the actualy message body that is necessarily being sent. Also, I don't think this thread is going to resolve anything. Besides, who cares if a message is being tagged as spam so long as it's being delivered. Note that I said "tagged". Razor, SA, pyzor, etc are not MTA and don't come with any code to drop a message into the bit-bucket. If a postmaster is using a setup that drops a message based on it's spaminess instead of delivering then it's not the fault of the antispam product. The complaint should be with the postmaster and how they are using the product not the product. If you don't know who to complain such as [EMAIL PROTECTED] or [EMAIL PROTECTED] then notify the person on your list that their newsletter couldn't be delivered because their postmaster is blocking it. -Original Message- From: Steve Vance [mailto:[EMAIL PROTECTED] Sent: Saturday, February 22, 2003 3:11 PM To: [EMAIL PROTECTED] Cc: Marc Perkel Subject: Re: [Razor-users] Turning Razor into a censorship tool I don't really have any authority to have this opinion, other than that I have been subscribed to this mailing list for a year and a half. But here goes. Razor is mildly dependent on people reporting spams, but it is desperately dependent on people not reporting non-spams. There is a BIG difference. If you send in real spams, ho hum, there are lots of people doing that, but thank you for your support. But if you report one non-spam incorrectly, you are pissing in the drinking water, this is a BAD BAD BAD thing. Anyone who does so should be banished, or at least severely chastised. If someone reports an e-mail that is just too obviously from an improper spamtrap or otherwise completely clueless user, their trust rating should INSTANTLY go down by about 1000 points or so. They are not participating constructively in the Razor community. They are not "playing by the rules". For whatever reason--we don't care why--they screwed up and submitted something that isn't spam. It doesn't matter how many spams that they have also accurately reported, we can do without their "help" for a long time, or perhaps forever! At least, that's my feeling about this topic. It's like that Dirty Harry movie, where there's a scene on a police firing range--you "shot a good guy". This is actually off the topic of turning Razor into a censorship tool. Sorry. People can probably figure out ways to "game" the system, we will have to keep thinking up ways to thwart that. Separate topic. This is about people reporting EFF newsletters, Dilbert newsletters, things from SourceForge, CERT virus alerts, a short list of things that might not be double-opt-in, but they are Obviously Not Spam! 99% of all spams are obviously spam! If you are in doubt as to whether it might not be a spam, then don't you dare submit it! Of course, I don't have any suggestions about how to implement the banishment idea. Perhaps Vipul and Jordan could stay up late nights looking at revokes, and pressing a "Bozo Override" button when necessary. Marco Percale wrote: The idea that there is nothing that I can do to stop our newsletter from being blacklisted by Razor is unacceptable. That would definitely be the wrong answer. Peter J. Holzer wrote: On 2003-02-22 08:24:13 -0800, Marc Perkel wrote: You're missing the point. It doesn't matter how I have my own system setup to deal with spam. If I'm sending a newsletter to 30,000 people and the ISPs - who I have no control over - or the users have their system rely on the accuracy of Razor - then my newsletter gets censored because it is either blocked or it is classified in a manner that it ends up in a junk mail folder that is never read. Yesterday Razor caused the Electronic Frontier Foundation's newsletter to not reach possibly thousands of subscribing members. I want to be able to prevent this from happening in the future. You can't. Your subscribers can. Suppose I have a malicous subscriber who falsely reports Effector as spam? How do I contact the complaining person(s) so that I can remove them from the list You don't. Unacceptable. An annonymous person can block the distribution of free speech to it's legitimate subscribing members. and make sure this doesn't happen the next time? You can just hope that the "possibly thousands" of your subscribers who rely on razor will notice that your mails end up in their junk folder and will revoke them. Then the trust level of the people reporting your mails will decrease and they will stop to matter. However - if the user pipes a lot of real spam to razor as a way of regaining trust then that would nullify that. Besides - by the time it gets revoked the delivery has already occurred and the damage is already done. --- This SF.net email is sponsored by: SlickEdit Inc. De
Re: [Razor-users] Turning Razor into a censorship tool
Marc Perkel wrote: I hope you all realize that I'm bringing this up to point out flaws in the system in hopes that it will lead to a better solution to the problem. I completely agree with you, but I am starting to get the feeling that people have a closed mind about this issue. We all know that one spam tool is not effective enough to be the spam tool, no one should argue about that. We also all know that when you have a distributed spam checking system like this, you rely on participants to make and break it. The problem I am seeing here is that however it is implemented now is NOT working. I used to put a lot of confidence in Razor, I could be almost sure that if it was in Razor, it was spam. Now I have turned razor off in my implementation, and I don't think I'll be turning it back on. I was fed up with revoking spam and watching it still be marked by razor. I found that if I did echo "test" | mail [EMAIL PROTECTED] that it would be marked by razor. The TeS system is this mystery box that no one knows whats going on inside. I see the security through obscurity argument for not showing TeS stats, but I think that maybe we could do a distributed-on-top-of-distributed moderation type thing. Kind of like Slashdot and moderation points and then meta moderation. Steve Vance is somewhat correct in his conclusion. The only flaw is that we ARE trying to revoke spams that are incorrectly marked, and it never has any effect on the system. Whatever that is, it's not working. Obviously people are able to report the EFF newsletter, and have it be listed, and others are unable to revoke it. Something is wrong here. For now I have turned razor off, and I am using DCC with great sucess. I'm sorry, because I have been a big fan of Razor since the beginning, but this is just not working. -- [EMAIL PROTECTED] www.dellanave.com FED5 FF73 7A92 5B11 844D 068E 3AEC 268E AAF0 DA59 --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
Re: [Razor-users] Turning Razor into a censorship tool
On Sat, Feb 22, 2003 at 03:04:14PM -0600, David Dellanave wrote: > For now I have turned razor off, and I am using DCC with great sucess. > I'm sorry, because I have been a big fan of Razor since the beginning, > but this is just not working. Really? Wow. You get much different mail than I do: Total Spam: 1853 SA Caught : 1846(99.6 %) Razor Caught : 1378(74.4 %) Razor Not SA : 6 (0.3 %) DCC Caught: 2 (0.1 %) DCC Not SA: 0 (0.0 %) Razor may have problems, but it does catch 74% of my spam. DCC doesn't do anything for me. -- Randomly Generated Tagline: I'm carsick. Sick of paying for it, sick of fixing it... pgp0.pgp Description: PGP signature
Re: [Razor-users] Turning Razor into a censorship tool
Hi, On Sat, 22 Feb 2003 09:35:30 -0800 Marc Perkel <[EMAIL PROTECTED]> wrote: > The idea that there is nothing that I can do to stop our newsletter from > being blacklisted by Razor is unacceptable. That would definitely be the > wrong answer. Unfortunately, 'wrong' is not equivalent to 'untrue'. Question: Do you have the same problem with DCC? (http://www.rhyolite.com/anti-spam/dcc/) False positives are due to honest mistakes (fat-fingered the report key), ignorance (automated reporting and spamtraps), and malice. The question is, where do your particular false positives come from? That's a rhetorical question because only someone privy to the innards of the Razor database can know that. Honest mistakes? Those people that are paying attention when reporting know how to self-revoke and they do to preserve their TeS. Ignorance? I blame automated reporting and spamtraps. I don't know how the EFF newsletter is managed, but if it doesn't confirm subscriptions and periodically reconfirm users (BUGTRAQ does it at least annually), it's liable to end up in a poorly-configured spamtrap somewhere. So the first step you can take is to ensure your (re)confirmation and scheme is working. Malice? Aside from the Attorney General and a handful of sexually-inactive teens, I can't fathom who'd bother, but for the sake of argument, let's assume there's a He-Man EFF-Hater's Club (HEC) out there somewhere. If the HEC only reports your newsletter as spam and someone else revokes HEC's report, HEC's trust level drops. The damage is done initially but HEC's capacity to damage is limited with every bogus report they file. They can resubscribe as HEC2, HEC3, etc. to clear their reputation and the cycle can continue but it's pretty clear you'd need a decicated and large conspiracy to do this, the probability of which is small but non-zero. Also, it's doubtful that most of the conspirator(s) are manually reporting your newsletter so you may be able to shed them by periodically reconfirming subscriptions (above) if you don't already. We're assuming that Razor's trust model is reasonable which may be the crux of your argument. I'm not happy that it's not made public but I understand the rationale for keeping it hidden for the time being and I respect that decision. But assuming that, flawed or not, the trust model is not going to change anytime soon, there are things you can do to mitigate the damage done by bad reports. For example, break each newsletter mailing into several smaller mailings. After each burst goes out, wait a bit and check your message against Razor; if it's listed, revoke the listing and send the next burst. Repeat until the whole mailing goes out. If you're really paranoid (and who isn't these days?), intelligently shuffle the recipients to home in on potential reporters. Extremely paranoid people would send widely different content to different groups of recipients to further zero in on malicious reporters, all without cooperation from the maintainers of the Razor database. Another route is working with the Razor developers/Cloudmark to improve their trust model. I'm sure the EFF has knows people who are smart, pleasant, and feel strongly about promulgating good anonymous trust systems. Or arranging a smoky backroom deal with the db maintainers to keep your newsletter out of their database. This might not be the best list for discussing either of these. Yes, it's extra work and I expect some or all of these suggestions will offend the EFF's sensibilities, but you asked for answers, not solutions[1]. hth, -- Bob [1] I'm speaking mathematically; answers help you right now, solutions help everyone forever. --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
Re: [Razor-users] Turning Razor into a censorship tool
On Sat, 22 Feb 2003 15:55:17 -0500 "Rose, Bobby" <[EMAIL PROTECTED]> wrote: > I don't think Vipul or Jordon can look at a hash and know whether it's > spam or not. Remember, it's hashes of the message body and not the > actualy message body that is necessarily being sent. > > Also, I don't think this thread is going to resolve anything. Well, that's defeatist... :) > Besides, > who cares if a message is being tagged as spam so long as it's being > delivered. Note that I said "tagged". Razor, SA, pyzor, etc are not > MTA and don't come with any code to drop a message into the bit-bucket. YMMV. You can run Razor from within SpamAssassin within Amavis within Postfix (or within MimeDefang within Sendmail or within something within Exim, etc.) and use it to reject mail during the SMTP phase or silently discard the mail before final delivery to the user. Admonishments to the contrary, sysadmins frequently use tools in ways the authors don't intend. For example, rejecting at the SMTP phase saves a lot of resources downstream which translates into real money. You shouldn't do this unless you're sure you're rejecting crap and the gray area is your local definition of 'sure.' > If a postmaster is using a setup that drops a message based on it's > spaminess instead of delivering then it's not the fault of the antispam > product. The complaint should be with the postmaster and how they are > using the product not the product. If you don't know who to complain > such as [EMAIL PROTECTED] or [EMAIL PROTECTED] then notify the person on your > list that their newsletter couldn't be delivered because their > postmaster is blocking it. True, but if you can fix the product, you reduce the competence/attention level required of thousands of local admins. Given limited time and energy, is it easier to fix one product or retrain thousands of admins? In this case, the fix makes the product better and more accurate for everyone, it's not just a quick exception for one mailing list. -- Bob --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
RE: [Razor-users] Turning Razor into a censorship tool
Yeh that's my point. It's not razor that's doing any rejecting. It's the postmaster who has integrated razor into his system and configured his MTA to reject based on razor results. They know that they are going to drop false positives but they weigh it out against the overall objective and choose to reject. It's the postmaster who is censoring and it's up to their userbase to do something about it. They have their supposed opt-in mailing list, send those people a message about it and if that opt-in user really cares then they'll deal with their sysadm. If they don't like the idea of email being blocked then they can switch to a new email service provider. If it's a case of a corporate or business environment doing the blocking then they have the right to block since it's is their resources being used for non-business activity. If you've been using razor since v1 and been in the mailings all along then you'd know that TES was the answer to the problem of people submitting false positives. I really don't see what is expected to be done here. Does Marc want razor to be hard-coded to ignore his mass mailings... It's not going to happen. Does he want the person who submitted it blocked... That won't happen either. Who knows, it could actually be more than one person who reported his mailing as spam. Razor is based on open-source code so instead of saying it's broken and it needs to be fixed, suggest how that can be done. Check the website, the last sentence on How I can Help says..."And, finally, you can help by contributing code (see the task list for what remains to be done)" If they are rejecting based on Razor results then they could be doing the same for SA or DCC. Are you going to go to the folks who write the code for those products and raise the same complaint. What if was being blocked by a system using Brightmail, which is being used by ATT Worldnet,Verizon,CableVision, etc...even MSN. Are you going to complain that brightmail needs to be fixed. The problem has spam email has redefined by people it as any unwanted email. Yeh you might say that they could just unsubscribe but anymore people can't trust such actions because 1) the message is forged with no real unsubscribe function 2) you unsubscribe but still get the mailings 3) and of course... it's a trick to confirm a valid email address which then gets the onslaught So what do they do, they report it as spam aka unwanted email and let what every filtering system they use deal with it. -Original Message- From: Bob Apthorpe [mailto:[EMAIL PROTECTED] Sent: Saturday, February 22, 2003 5:29 PM To: [EMAIL PROTECTED] Subject: Re: [Razor-users] Turning Razor into a censorship tool On Sat, 22 Feb 2003 15:55:17 -0500 "Rose, Bobby" <[EMAIL PROTECTED]> wrote: > I don't think Vipul or Jordon can look at a hash and know whether it's > spam or not. Remember, it's hashes of the message body and not the > actualy message body that is necessarily being sent. > > Also, I don't think this thread is going to resolve anything. Well, that's defeatist... :) > Besides, > who cares if a message is being tagged as spam so long as it's being > delivered. Note that I said "tagged". Razor, SA, pyzor, etc are not > MTA and don't come with any code to drop a message into the > bit-bucket. YMMV. You can run Razor from within SpamAssassin within Amavis within Postfix (or within MimeDefang within Sendmail or within something within Exim, etc.) and use it to reject mail during the SMTP phase or silently discard the mail before final delivery to the user. Admonishments to the contrary, sysadmins frequently use tools in ways the authors don't intend. For example, rejecting at the SMTP phase saves a lot of resources downstream which translates into real money. You shouldn't do this unless you're sure you're rejecting crap and the gray area is your local definition of 'sure.' > If a postmaster is using a setup that drops a message based on it's > spaminess instead of delivering then it's not the fault of the > antispam product. The complaint should be with the postmaster and how > they are using the product not the product. If you don't know who to > complain such as [EMAIL PROTECTED] or [EMAIL PROTECTED] then notify the > person on your list that their newsletter couldn't be delivered > because their postmaster is blocking it. True, but if you can fix the product, you reduce the competence/attention level required of thousands of local admins. Given limited time and energy, is it easier to fix one product or retrain thousands of admins? In this case, the fix makes the product better and more accurate for everyone, it's not just a quick exception for one mailing list. -- Bob --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. ww
[Razor-users] Spiritual advice needed 8-0
razor2 check skipped: No such file or directory Can't call method "log" on unblessed reference at /usr/lib/perl5/site_perl/5.8.0/Razor2/Client/Agent.pm line 212. Is there something I can do about being unblessed or do I need a clergyman? -- Sed quis custodiet ipsos custodes? == Robin Lynn Frank - Director of Operations - Paradigm-Omega, LLC Copyright and PGP/GPG info in mail or message headers. Email acceptance policy at http://paradigm-omega.com/email_policy.html == --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
Re: [Razor-users] Turning Razor into a censorship tool
From: "Marc Perkel" <[EMAIL PROTECTED]> > You're missing the point. With all due respect, I don't think you really appreciate how Razor works. > It doesn't matter how I have my own system > setup to deal with spam. If I'm sending a newsletter to 30,000 people > and the ISPs - who I have no control over - or the users have their > system rely on the accuracy of Razor - then my newsletter gets censored > because it is either blocked or it is classified in a manner that it > ends up in a junk mail folder that is never read. Razor itself NEVER blocks ANY mail. EVER. It works by *flagging* mail that has been reported as 'known spam'. What any individual sysamin does as a result of Razor flagging it is entirely up to the individual sysadmins. > Yesterday Razor caused the Electronic Frontier Foundation's newsletter > to not reach possibly thousands of subscribing members. I want to be > able to prevent this from happening in the future. How do I contact the > complaining person(s) so that I can remove them from the list and make > sure this doesn't happen the next time? What can I to to ensure that > Razor doesn't flag EFFs newsletter as spam in the future? We've been running Razor on our servers for as long as it has been available, and like ANY spam blocking system, it is prone to produce the occasional false positives, but there is no way I'm ever going to STOP using it because its benefits far outweigh its faults. As for the the occasional false positives, I find this very easy to take care of by adding 'exceptions' to the filter rules - We now have literally DOZENS of these 'exceptions' (built up over the years), and the number of real false positives now recieved are so low as to be non-existant - in fact our *other* filters produce more false positives than Razor does. My suggestion to you would be to inform your 30,000 subscribers that if your newsletter isn't being recieved that they should contact their sysadmin so they can add their own exceptions. This is NOT difficult to do, and any sysadmin running razor will probably be pleased to comply. Naturally, if your 30,000 subscribers were obtained from a purchased mailing list (ie, it isn't something they subscribed to in the first place) then they probably have no interest in your newsletter, and they are not likely to let their sysadmin know that they are not getting them. Also, keep in mind that many of us have a 'honeypot' account that is NEVER used by a real person, and any and all mail sent to such honeypots are automatically reported to razor as being spam. Purchased maillists will almost always include at least one such honeypot. Now, I'm NOT going to insult you by even suggesting that you may be a spammer (especially since I've never yet met a spammer that thinks that THEIR 'newletter/advert/promotion' is really SPAM), but I will say that if you are NOT a spammer, and if you have a genuine user subscribed mailing list, then getting yourself excluded from incorrect razor flaggings would/should be a relatively simply matter of letting your *subcribed* users know that they may need to contact their sysadmin to have your mailings excluded from being razor flagged. It all comes down to working TOGETHER to achieve a common goal. Simply complaining that Razor, spam-assassin, or any other mail filtering system is bad for your business will achieve nothing. Regards Rod --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ___ Razor-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/razor-users
