Re: Claims manager / LOTTO_AGENT
Hello there, Well if you feel uncomfortable with running mass-check and send data (not the email themselves, just the rules they hit, as Darxus is pointing out), you may want to override the score for those rules in your local.cf. You may even write you own rules to compensate those false positives. If you can't contribute to SA by giving feedback via the mass-check, then do what you need to do on your side. Everybody here will be glad to help ;) Alex, from prypiat. Yes, I recycle. On 12-11-07 11:02 PM, Michael Orlitzky wrote: > On 11/07/2012 10:36 PM, dar...@chaosreigns.com wrote: >> On 11/07, Michael Orlitzky wrote: >>> Sorry, I was a little rude. But saying that she shouldn't put her job >>> title anywhere in an email, ever, is ridiculous. >> Certainly. >> >>> The inputs (spam, ham) >>> to the classifier are assumed god-given; and the classification needs to >>> reflect the data, not the other way around. >> If "the classifier" is spamassassin, and "The inputs" are the spam >> and ham data provided via masscheck, then... the scores provided via >> sa-update *do* reflect the data. So I'm not sure what you mean. >> >> The ideal rule scores are chosen to cause one false positive (ham flagged >> as spam) in every 2,500 hams, while maximizing the number of spams >> correctly flagged as spams. With so few hams hitting this rule in the >> masscheck corpora, we're way below that threshold based on the data we >> have. >> > I wrote that before I saw your clarification, sorry again for coming off > as a jerk. Ignore it. > > >>> This is my fault, of course, but I'm not allowed to mass-check this >>> stuff. It's ongoing legal correspondence. >> Er, what? You're not allowed to provide a list of which rules hit each >> of your emails? Or you're not allowed to run a program on your emails >> that isn't spamassassin? Or did I just not put "This does not require >> sending us your email" in bold enough times on the masscheck page? >> > This is a client of ours (a law firm) and not the company that I work > for. *I* know there's probably nothing sensitive in there, but just to > cover my ass I'd need to get permission to send the results off-site. > From their perspective, it's just simpler to say no: it's not worth the > time or effort to even think about if there's a minute chance of it > coming back to bite them legally. signature.asc Description: OpenPGP digital signature
spam from venamail
is anyone else getting spam from venamail.com servers ? they usually come from a something.co.uk type email addy usually letting spam and now starting to adver other junk we see a coupla few a week slip through. how are you dealing with it in terms of spamassassin rules or otherwise? - rh
Re: Claims manager / LOTTO_AGENT
On Wed, 7 Nov 2012, Michael Orlitzky wrote: On 11/07/2012 10:36 PM, dar...@chaosreigns.com wrote: On 11/07, Michael Orlitzky wrote: This is my fault, of course, but I'm not allowed to mass-check this stuff. It's ongoing legal correspondence. Er, what? You're not allowed to provide a list of which rules hit each of your emails? Or you're not allowed to run a program on your emails that isn't spamassassin? Or did I just not put "This does not require sending us your email" in bold enough times on the masscheck page? This is a client of ours (a law firm) and not the company that I work for. *I* know there's probably nothing sensitive in there, but just to cover my ass I'd need to get permission to send the results off-site. Only the list of rules which hit is publicly visible, the actual content of the message is not. Any leakage of confidential information is very unlikely. From their perspective, it's just simpler to say no: it's not worth the time or effort to even think about if there's a minute chance of it coming back to bite them legally. I will take a look at "claims manager" in the 419 rules. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- ...the good of having the government prohibited from doing harm far outweighs the harm of having it obstructed from doing good. -- Mike@mike-istan --- 3 days until Veterans Day
Re: Claims manager / LOTTO_AGENT
On 11/08/2012 10:44 AM, John Hardin wrote: >> >> This is a client of ours (a law firm) and not the company that I work >> for. *I* know there's probably nothing sensitive in there, but just to >> cover my ass I'd need to get permission to send the results off-site. > > Only the list of rules which hit is publicly visible, the actual content > of the message is not. Any leakage of confidential information is very > unlikely. I know, but there chance isn't zero. For example, I wouldn't want to mass-check a corpus of emails to my girlfriend, and have it report that they hit LOTS_OF_VIAGRA. Likewise, things like LOTTO_AGENT can reveal that someone communicated with a claims manager. I've explained both sides, and as long as it's a non-zero chance, they aren't having it. It isn't even that there's a risk of leaking anything -- the fact that anything at all is sent could be used as justification for a pain-in-the-ass investigation that nobody wants. >> From their perspective, it's just simpler to say no: it's not worth the >> time or effort to even think about if there's a minute chance of it >> coming back to bite them legally. > > I will take a look at "claims manager" in the 419 rules. > I appreciate it, thanks.
Re: spam from venamail
On Thu, 2012-11-08 at 07:23 -0800, R - elists wrote: > is anyone else getting spam from venamail.com servers ? > No. Martin
Re: Claims manager / LOTTO_AGENT
On Thu, 8 Nov 2012, Michael Orlitzky wrote: On 11/08/2012 10:44 AM, John Hardin wrote: I will take a look at "claims manager" in the 419 rules. I appreciate it, thanks. Okay, I've committed some tuning for that rule. I will probably take a couple of days before it shows up in a rules update. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- When I say "I don't want the government to do X", do not automatically assume that means I don't want X to happen. --- 3 days until Veterans Day
