On Sunday, March 6, 2005, 7:45:36 AM, Eric Hall wrote:
On 3/6/2005 3:25 AM, Matt Kettler wrote:
These days spamming is done via botnets
That's already trapped by sbl+xbl.
sbl-xbl is very good, but it has not and cannot solve the zombie
problem entirely. There's always a lag between zombies
On Saturday, March 5, 2005, 11:24:25 AM, Eric Hall wrote:
On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized training. It
worked well for a while, but it's
On 3/5/2005 9:00 PM, Jeff Chan wrote:
On Saturday, March 5, 2005, 11:24:25 AM, Eric Hall wrote:
On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized
training.
On Saturday 05 March 2005 9:54 pm, Eric A. Hall wrote:
Yes, my point being that rather than saying they are not useful we
really ought to be working hard on finding ways to add more of them,
because it is their volume that makes them useful (otoh, having too many
of them, such that the bar is
At 02:58 AM 3/6/2005, Kelson Vibber wrote:
Yes, my point being that rather than saying they are not useful we
really ought to be working hard on finding ways to add more of them,
because it is their volume that makes them useful (otoh, having too many
of them, such that the bar is lowered, is
At 03:16 AM 3/6/2005, Eric A. Hall wrote:
But, compare this to something like scoring against TLS encryption
strength. Spammers are motivated to send as fast as possible, and strong
encryption is counter-productive to that mission (increasingly so), and
they can't fake it because it can be
On Sunday, March 6, 2005, 12:16:50 AM, Eric Hall wrote:
But, compare this to something like scoring against TLS encryption
strength. Spammers are motivated to send as fast as possible, and strong
encryption is counter-productive to that mission (increasingly so), and
they can't fake it because
On 3/6/2005 3:25 AM, Matt Kettler wrote:
These days spamming is done via botnets
That's already trapped by sbl+xbl.
Adding TLS shouldn't slow them down much, as it's mostly a CPU hit to
do so...
There's a lot of stuff involved, and there's lots of things to score on.
Here's a couple of
jdow wrote:
Methinks there is a candidate meta rule here. SPF passes and it's in
certain of the BLs leads to a higher score than merely being in the BL.
In particular, an SPF (or similar) pass will make RHSBLs
(right-hand-side blacklists, for those following along) more useful.
I mean, if
Kelson wrote:
jdow wrote:
Methinks there is a candidate meta rule here. SPF passes and it's in
certain of the BLs leads to a higher score than merely being in the BL.
In particular, an SPF (or similar) pass will make RHSBLs
(right-hand-side blacklists, for those following along) more useful.
I
From: Daryl C. W. O'Shea [EMAIL PROTECTED]
Kelson wrote:
jdow wrote:
Methinks there is a candidate meta rule here. SPF passes and it's in
certain of the BLs leads to a higher score than merely being in the BL.
In particular, an SPF (or similar) pass will make RHSBLs
using whitelist_from_rcvd), make a lot of sense to me.
If some mentally deficient spammer has the stupidity to maintain an SPF
record for his spam site that is identified in black lists he probably
should get some additional Brownie Points for his stupidity, eh?
{^_-}
Just came across
On 3/4/2005 1:57 PM, Rob McEwen (PowerView Systems) wrote:
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized training. It
worked well for a while, but it's definitely not an effective technique
today.
I kind of disagree
Good interview with Daniel Quinlan about SA:
http://www.osdir.com/Article4419.phtml
Especially:
OSDir.com: What's the most effective anti-spam technology that
SpamAssassin uses right now?
Quinlan: I think network rules are the most effective single
technology, in particular, the URI
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized training. It worked
well for a while, but it's definitely not an effective technique today.
Is he referring to a system which might assume all mail is spam unless proven
Rob McEwen (PowerView Systems) wrote:
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized training.
It worked well for a while, but it's definitely not an effective
technique today.
Is he referring to a system which
Rob McEwen (PowerView Systems) [EMAIL PROTECTED] writes:
Quinlan: Any technique that tries to identify good mail without
authentication backing it up, or some form of personalized
training. It worked well for a while, but it's definitely not an
effective technique today.
Let me rephrase that
On Friday, March 4, 2005, 2:05:52 PM, Daniel Quinlan wrote:
They also removed the name of the company where I work (IronPort), which
struck me as a bit odd considering how my job allows me to do open
source was part of the article. I think my employer deserves some kudos
for that.
Probably
From: Rob McEwen (PowerView Systems) [EMAIL PROTECTED]
The reason that I ask is because I'm wondering whether whitelisting is
really a good idea. It seems like every article in the world on spam filters
says, a product MUST allow for whitelisting senders or it is no good.
However:
(1) I
From: Kris Deugau [EMAIL PROTECTED]
The only (default) negative rules remaining are for Bayes (varies
per-system, and often per-user), BondedSender/Habeas/HashCash (sender
posts a bond with $company, and if they're found to have spammed, they
lose that bond - details vary), ALL_TRUSTED (for
20 matches
Mail list logo
