-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Robert Menschel writes: > Hello Jon, > > Friday, February 13, 2004, 9:11:41 PM, you wrote: > > J> On Fri, 2004-02-13 at 20:59, Robert Menschel wrote: > >> I suggest that if we could store a record with three or four fields, > >> message-id, checksum(subject), checksum(body), and maybe time(firstseen), > >> we could use this as a database, and apply a rule (maybe named > >> DUPLICATE_MESSAGEID) where either (1) checksums don't match, or (2) > >> time(now) is significantly different from time(firstseen). > >> > >> Does this seem like a worthwhile approach? > > J> IANAD (I am not a developer) but I don't think I this a worthwhile > J> approach for two related reasons: > > J> * it costs us (the mail admins) too much > J> * it costs spammers too little > > J> We would need to go through the effort of implementing this in code, > J> then setting off resources (disk and CPU) to checksum and record these > J> attributes of incoming messages. > > I see this resource requirement as being minimal -- a small fraction of > what we do currently with Bayes. > > J> In response, spammers would only need to insert a %RND_MSG_ID to > J> render all our efforts useless. > > It'd be easier to simply have their spam-mail programs generate normal, > unique message ids... That's what a real message-ID *is* anyway. The reason they don't do it is because we can use those patterns as spam signs. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Exmh CVS iD8DBQFAMq4TQTcbUG5Y7woRAk1bAKC9JhMQ3C6TOHWGdjpnhErar3ne5gCg0EPu XmwUNygJFZxn9QqasC5lAIM= =+Bl0 -----END PGP SIGNATURE-----
