Hi,
The product I've been working with allows th user to set Rejection and
Deletion thresholds, at which a message identified as spam will be
rejected with "550 - Message is Spam" etc., or accepted with "250 OK"
but dropped on the floor, respectively. Historically it has been
believed that if we have a high enough confidence that a message is
spam, it is adventageous to pretend we have accepted the message in
order to avoid allowing spammers to know whether their methods are
working. I have not verified anywhere that this practice really does
have a negative impact on spammers. This would especially be
invalidated if most of the rest of the spam filtering world does not
make use of 'delete' and simply issues rejections -- in that case, if
the spammers don't get the information from me, they'll get it from the
next guy.
I do know that having a delete threshold occasionally causes false
positives to go undetected by end users. That is a bit of a
disadvantage. The suggestion has also been raised that claiming to
accept spam rather than rejecting it might invite spammers to send more
spam your way.
Does anyone have any knowledge or opinions on these matters? Does
pretending to accept a message contribute to the "fight against" spam in
some way? Or does it invite more spam? Is it worth it?
Jared Johnson
Software Developer and Support Engineer
Network Management Group, Inc.
620-664-6000 x118
--
Inbound and outbound email scanned for spam and viruses by the
DoubleCheck Email Manager: http://www.doublecheckemail.com