On Wednesday, February 8, 2006, 11:06:07 AM, Markus wrote: MG> If a experimental rule showed to be reliable they move them in MG> the appropriate category (rich, fraud,...) MG> MG> MG> MG> I'm not sure about this but I think it's so and so it shouldn't MG> be necessary to do something like manualy block updates.
This is not how it works. Experimental rule groups contain "abstract" rules that may not classify a particular type of message. Indeed, even rules that are coded to more specific groups will likely match messages that are outside of those categories because the blackhats frequently re-use domains and other features in many different campaigns. For example, the current "chatty drugs", "chatty loans", and "chatty watches" campaigns all tend to share the same domains in their links. Along the lines of delaying implementation of new rules, we can configure rulebases and rule groups within them to only accept rules with a specific minimum age in days. We might have to charge for this kind of custom modification, and it would by it's nature increase spam leakage. _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
