Re: What is Ham? (was Re: Need Volunteers for Ham Trap)
On Thursday, January 20, 2011, 1:31:50 PM, Bowie Bailey wrote: > On 1/20/2011 4:17 PM, David F. Skoll wrote: > When you sign up for a company's email list, you get whatever they > decide to send you. If they decide to start sending marketing to the > list, I would not consider that spam because they own the list and they > can decide what to use it for. The recipients signed up to get that > company's emails and if they no longer want to receive them, they can > unsubscribe. And as I said before, if the unsubscribe function doesn't > work, then the emails become spam (regardless of the actual content). Yes and no. If you sign up for Joe's Bagel Company mailing list to find out about the latest Bagel news, and some new marketing guy joins the Bagel company and starts sending marketing messages about Bananas to that list, then the original purpose of the list and what you thought you signed up for has been corrupted. Most people would consider the latter to be spam, and rightly so. OTOH if the Bagel company decides to send non-Bagel messages to a Bagel specific list, then one knows exactly: 1. Who to blame 2. Where to unsubscribe 3. What went wrong etc. So at least there is a responsible party to hopefully act on unsubscriptions, fire the spammy marketer, etc. It's sort of a degenerate case of the degenerate case of email addresses going to to a third party, except it's the same party. Spam is easy. Ham is hard. Cheers, Jeff C. -- Jeff Chan mailto:je...@surbl.org http://www.surbl.org/
Re: What is Ham? (was Re: Need Volunteers for Ham Trap)
On Thu, 20 Jan 2011 16:31:50 -0500 Bowie Bailey wrote: > When you sign up for a company's email list, you get whatever they > decide to send you. OK. I guess we'll agree to disagree on our definitions, then. Regards, David.
Re: What is Ham? (was Re: Need Volunteers for Ham Trap)
On 01/20/2011 11:31 AM, Bowie Bailey wrote: Public discussion lists are bit different. In that case, it is the individual post that is being considered spam rather than considering the list spammy. Since there is no overall control over the content of the posts, public lists are vulnerable to being filled with spam if the list owners are not paying attention. For this reason, the ham trap will not be subscribed to any discussion lists. When you sign up for a company's email list, you get whatever they decide to send you. If they decide to start sending marketing to the list, I would not consider that spam because they own the list and they can decide what to use it for. The recipients signed up to get that company's emails and if they no longer want to receive them, they can unsubscribe. And as I said before, if the unsubscribe function doesn't work, then the emails become spam (regardless of the actual content). Your understanding is exactly correct. Warren
Re: What is Ham? (was Re: Need Volunteers for Ham Trap)
On 1/20/2011 4:17 PM, David F. Skoll wrote: > On Thu, 20 Jan 2011 16:12:58 -0500 > Bowie Bailey wrote: > >> Of course it is. You subscribed to it. If you don't want it anymore, >> unsubscribe. > I disagree. When you subscribe to a list, there's an implicit understanding > of the content you are signing up for. If the list owner violates the rules > and posts marketing material, that's spam. > > Concrete example: If I posted an ad for our commercial anti-spam system > on the MIMEDefang list, that would be spam. If I posted it on this list, > it would be spam-squared and I'd probably be banned. :) Public discussion lists are bit different. In that case, it is the individual post that is being considered spam rather than considering the list spammy. Since there is no overall control over the content of the posts, public lists are vulnerable to being filled with spam if the list owners are not paying attention. When you sign up for a company's email list, you get whatever they decide to send you. If they decide to start sending marketing to the list, I would not consider that spam because they own the list and they can decide what to use it for. The recipients signed up to get that company's emails and if they no longer want to receive them, they can unsubscribe. And as I said before, if the unsubscribe function doesn't work, then the emails become spam (regardless of the actual content). -- Bowie
Re: What is Ham? (was Re: Need Volunteers for Ham Trap)
On Thu, 20 Jan 2011 16:12:58 -0500 Bowie Bailey wrote: > Of course it is. You subscribed to it. If you don't want it anymore, > unsubscribe. I disagree. When you subscribe to a list, there's an implicit understanding of the content you are signing up for. If the list owner violates the rules and posts marketing material, that's spam. Concrete example: If I posted an ad for our commercial anti-spam system on the MIMEDefang list, that would be spam. If I posted it on this list, it would be spam-squared and I'd probably be banned. :) Regards, David.
Re: What is Ham? (was Re: Need Volunteers for Ham Trap)
On 1/20/2011 4:10 PM, David F. Skoll wrote: > On Thu, 20 Jan 2011 11:06:31 -1000 > "Warren Togami Jr." wrote: > >> Ham is a lot easier to define than Spam. Ham is simply anything that >> you subscribed for. > Not necessarily. You could subscribe to a list expecting it to contain > useful content. A few months later, the organization running the list > might decide to change what it posts and start posting undesired marketing > information on the list. > > Is that still ham? Of course it is. You subscribed to it. If you don't want it anymore, unsubscribe. If you unsubscribe and they keep sending it anyway, THEN it becomes spam. -- Bowie
What is Ham? (was Re: Need Volunteers for Ham Trap)
On Thu, 20 Jan 2011 11:06:31 -1000 "Warren Togami Jr." wrote: > Ham is a lot easier to define than Spam. Ham is simply anything that > you subscribed for. Not necessarily. You could subscribe to a list expecting it to contain useful content. A few months later, the organization running the list might decide to change what it posts and start posting undesired marketing information on the list. Is that still ham? Regards, David.
Re: Need Volunteers for Ham Trap
On 1/20/2011 7:23 AM, R - elists wrote: initially this came across as a really suspect idea... i.e., one man's junk is another man's treasure Ham is a lot easier to define than Spam. Ham is simply anything that you subscribed for. for a moment, it appeared we were gonna need to review the good and the bad of spam-l to avoid serious SA list issues. statistically speaking, this shouldnt sway the scoring substantially anyways would it? You are correct. This is more of a tool to have *some* variety in the ham corpus, to make it possible to flag rules in need of scrutiny. For example, prior to 3.3.x many of our rules were utterly broken with Japanese mail. We had no idea of this fact until I added a few thousand Japanese mail to the ham corpus. JM understood the problem and fixed those rules. what should be known so that bad data is not allowed into the HAM corpus ? The previous discussion described a sort of "tagged sender" ham trap. This simple process automatically excludes extraneous mail in cases where the address was shared with "affiliates" or spammer lists. We also will be careful in sticking to reputable companies and orgs for the ham trap. Warren
Re: Need Volunteers for Ham Trap
On Tue, Jan 18, 2011 at 12:59, Warren Togami Jr. wrote: > On 1/17/2011 11:46 PM, Jeff Chan wrote: >> >> So a couple points: >> >> 1. Subscribing to lists opens up lots of grey areas including >> the above. >> >> 2. Some of the areas are very difficult to resolve into spam or >> ham. Some more aggressive anti-spammers may say all of the above >> is spam, but others may disagree, and the mail may be legal. >> >> Before anyone accuses me of being in favor of spammers, please be >> aware that I am personally highly against any of these unethical >> practices, but when essentially making decisions for others, one >> needs to be very careful and consider whether there may be legitimate, >> ethical, legal or even wanted uses of such things. One person's >> ham may be another persons spam, and vice versa. However, most >> people don't want the stuff bots send. >> >> The issue is complex, and there are many deliverability, security >> and anti-spam companies and organizations that struggle with these >> issues every day. Maintaining accurate ham and spam corpora and >> making policies for what belongs in which category is trivial in >> some easy cases like bot pill spam, but non-trivial in other >> cases. >> >> Cheers, >> >> Jeff C. > > I appreciate the nuanced feedback but I have thought of similar > considerations. I believe the following will help to avoid ambiguity and > legal issues. > > * Yes, we cannot be 100% sure our opt-in was only for that particular site > and not their "partners". But in any case automatic ham trapped mail will > be only the mail branded by the subscribed provider, because that is the > only mail we know for sure was opted-in. Anything else is kept separate for > later analysis. > > * If clearly spammy other mail arrives at a particular address, the original > subscription can be unsubscribed and the continued flow monitored. That > address could then be discarded. +1 to those. tagged addressing makes this easy to implement (and track). I use this approach on a very small scale for a small number of ham newsletters in my own corpus... --j.
RE: Need Volunteers for Ham Trap
> > This is a misunderstanding. I am largely against > whitelisting or negative score rules. I merely intend to > increase the variety of legitimate mail in the nightly ham > corpus so our spam-hostile rules can be better tested for > safety. This will be interesting especially with non-English ham. > > Warren > Warren, so, are you going to keep two or more corpus datasets? one as it is, and one with the new for comparison? initially this came across as a really suspect idea... i.e., one man's junk is another man's treasure for a moment, it appeared we were gonna need to review the good and the bad of spam-l to avoid serious SA list issues. statistically speaking, this shouldnt sway the scoring substantially anyways would it? what should be known so that bad data is not allowed into the HAM corpus ? - rh
Re: SpamAssassin Not Performing Task
Thank you both for your inputs. Futher prodding has gotten my web hoster to get the techies involved and they report that they have resolved the problem. Looking at mail coming in this morning, it appears that they indeed have corrected the problem. Only valid mail is arriving to my mailboxes. A sample header shows: X-Spam-Status: No, score=-6.0 X-Spam-Score: -59 X-Spam-Bar: -- X-Ham-Report: Spam detection software, running on the system "cloud-dimenoc.webhostdns.info", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: > > (content deleted for brevity) Content analysis details: (-6.0 points, 2.5 required) pts rule name description -- -- -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at http://www.dnswl.org/, high trust [159.82.164.203 listed in list.dnswl.org] -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.] 1.0 AWL AWL: From: address is in the auto white-list X-Spam-Flag: NO -- View this message in context: http://old.nabble.com/SpamAssassin-Not-Performing-Task-tp30712107p30720359.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: DCC plugin for SA
On Thu, 20 Jan 2011 11:49:56 +0100 J4 wrote: > > Good morning to all of you, > > This popped up in the spamd.log after a reboot (done to test > everything worked after a reboot). > > warn: dcc: dccifd -> check skipped: dcc: failed to connect to a > socket /var/dcc/dccifd: Connection refused > > The socket is there: > srw-rw-rw- 1 dcc spamd 0 Jan 10 09:40 /var/dcc/dccifd > > local.cf has :- > use_dcc 1 > dcc_path /usr/local/bin/dccproc dccproc is the fallback client if there is no dccifd daemon running, I just use that. dccproc might be much less efficient than dccifd in a straight comparison, but compared to spamd/spamc it's negligible IMO.
Re: DCC plugin for SA
On 01/20/2011 12:08 PM, Warren Togami Jr. wrote: > On 1/20/2011 1:06 AM, J4 wrote: >> >> I had not realised it was in the repos - I just checked and it is. Damn. > > I'm surprised it would be in the repos. DCC is not Free Software. > > Warren Me too, but something is listed. Maybe I its something else. I'll leave my own installation alone and try and mend that instead any way. root@logout:~/build# aptitude search dcc p ddccontrol- a program to control monitor parameters p ddccontrol-db - monitor database for ddccontrol p gddccontrol - a program to control monitor parameters p libddccontrol-dev - development library for ddccontrol p libddccontrol0- shared library for ddccontrol p liece-dcc - DCC program for liece v odccm -
Re: DCC plugin for SA
On 1/20/2011 1:06 AM, J4 wrote: I had not realised it was in the repos - I just checked and it is. Damn. I'm surprised it would be in the repos. DCC is not Free Software. Warren
Re: DCC plugin for SA
On 01/20/2011 12:03 PM, J4 wrote: > On 01/20/2011 11:58 AM, Warren Togami Jr. wrote: >> On 1/20/2011 12:49 AM, J4 wrote: >>> Good morning to all of you, >>> >>> This popped up in the spamd.log after a reboot (done to test everything >>> worked after a reboot). >>> >>> warn: dcc: dccifd -> check skipped: dcc: failed to connect to a >>> socket >>> /var/dcc/dccifd: Connection refused >>> >>> The socket is there: >>> srw-rw-rw- 1 dcc spamd 0 Jan 10 09:40 /var/dcc/dccifd >>> >>> local.cf has :- >>> use_dcc 1 >>> dcc_path /usr/local/bin/dccproc >>> >>> v310.pre has :- >>> loadplugin Mail::SpamAssassin::Plugin::DCC >>> >>> Is there anywhere else I could look: >>> The last log entry for DCC in /var/dcc/log was yesterday at 16:36, which >>> makes sence. >>> -rw--- 1 dcc spamd 2771 Jan 19 16:36 msg.0cTgcW >>> >>> Is this an SA related problem or specific to DCC. If the latter, then I >>> shall seek help elsewhere as it might be considered off-topic. >>> >>> Best wishes, s >>> >> What distribution are you using? >> > Debian Squeeze. > Forgot to mention that I built it from source: Version is dcc-dccproc-1.3.134 I had not realised it was in the repos - I just checked and it is. Damn.
Re: DCC plugin for SA
On 01/20/2011 11:58 AM, Warren Togami Jr. wrote: > On 1/20/2011 12:49 AM, J4 wrote: >> >> Good morning to all of you, >> >> This popped up in the spamd.log after a reboot (done to test everything >> worked after a reboot). >> >> warn: dcc: dccifd -> check skipped: dcc: failed to connect to a >> socket >> /var/dcc/dccifd: Connection refused >> >> The socket is there: >> srw-rw-rw- 1 dcc spamd 0 Jan 10 09:40 /var/dcc/dccifd >> >> local.cf has :- >> use_dcc 1 >> dcc_path /usr/local/bin/dccproc >> >> v310.pre has :- >> loadplugin Mail::SpamAssassin::Plugin::DCC >> >> Is there anywhere else I could look: >> The last log entry for DCC in /var/dcc/log was yesterday at 16:36, which >> makes sence. >> -rw--- 1 dcc spamd 2771 Jan 19 16:36 msg.0cTgcW >> >> Is this an SA related problem or specific to DCC. If the latter, then I >> shall seek help elsewhere as it might be considered off-topic. >> >> Best wishes, s >> > > What distribution are you using? > Debian Squeeze.
Re: DCC plugin for SA
On 1/20/2011 12:49 AM, J4 wrote: Good morning to all of you, This popped up in the spamd.log after a reboot (done to test everything worked after a reboot). warn: dcc: dccifd -> check skipped: dcc: failed to connect to a socket /var/dcc/dccifd: Connection refused The socket is there: srw-rw-rw- 1 dcc spamd 0 Jan 10 09:40 /var/dcc/dccifd local.cf has :- use_dcc 1 dcc_path /usr/local/bin/dccproc v310.pre has :- loadplugin Mail::SpamAssassin::Plugin::DCC Is there anywhere else I could look: The last log entry for DCC in /var/dcc/log was yesterday at 16:36, which makes sence. -rw--- 1 dcc spamd 2771 Jan 19 16:36 msg.0cTgcW Is this an SA related problem or specific to DCC. If the latter, then I shall seek help elsewhere as it might be considered off-topic. Best wishes, s What distribution are you using?
DCC plugin for SA
Good morning to all of you, This popped up in the spamd.log after a reboot (done to test everything worked after a reboot). warn: dcc: dccifd -> check skipped: dcc: failed to connect to a socket /var/dcc/dccifd: Connection refused The socket is there: srw-rw-rw- 1 dcc spamd 0 Jan 10 09:40 /var/dcc/dccifd local.cf has :- use_dcc 1 dcc_path /usr/local/bin/dccproc v310.pre has :- loadplugin Mail::SpamAssassin::Plugin::DCC Is there anywhere else I could look: The last log entry for DCC in /var/dcc/log was yesterday at 16:36, which makes sence. -rw--- 1 dcc spamd 2771 Jan 19 16:36 msg.0cTgcW Is this an SA related problem or specific to DCC. If the latter, then I shall seek help elsewhere as it might be considered off-topic. Best wishes, s