Firstly, the instructions for reading this e-mail: please read it whole, and understand that (although it may sound harsh at places) I am actually trying to help you. Only then reply (if needed). It is also somewhat long, but it does contain some technical info (and not only my rants :) Thanks.
On Thu, Jan 28, 2010 at 09:34:46AM +0800, jida...@jidanni.org wrote: > Long ago, I tried mailing directly direct-to-mx style, but that of > course didn't work, e.g., http://www.spamhaus.org/pbl/query/PBL109625 > So only 5% of my mail got through. > > So then I tried mailing through The ISP Here, Hinet.Net's SMTP server, > but of course Hinet.Net has a bad name. So only 50% of my mail got through. Yeah, well, there is this thing about SMTP... It haven't really work correctly for at least last 10 years. It's doomed protocol. Nothing can save it nowadays. It is taken from granted that some percentage of *anyone's* e-mail is going to be lost and never reach its destination. That percentage might be lower or higher, depending on many factors, most prominent of which is luck. It's too bad, it was a nice and happy and simple (hence the name) protocol before spammers got it and pretty much destroyed it. Ok, now that we've got THAT part over with, we can get down to the point how to minimize the pain you *will* suffer by using SMTP if you decide to continue using it. > So, upon people like you guy's recommendation, I (asked my mom to buy) > me a dreamhost.com account. Does it work better then 50% you got with HInet.Net SMTP ? If so, then it is great - you've got better deal then before, right ? Maybe you wanted even better, but hay... nothing is perfect, remember. If it however works worse with dreamhost than before with Hinet.Net SMTP server, than it was wasted money. That is sad, but such things happen all the time too, you pay for something only to find out it was not a good deal for you. One thing to note - you (or anybody else) will never *ever* get it so that 100% of your mail always reaches the other side. Those days when such a thing was possible (no matter in what country the mail originated) are long gone -- and even before spam and all the antispam measures, mail did get lost occasionally. Nowadays, it is quite everyday that some mails gets lost. It is considered acceptable collateral damage in full-fledged war to protect mailboxes from spam. > However I can't shake off the Original Sin of Being in Taiwan. All > people with Taiwan Colored Skin will have points deducted, no matter Knock it off with that "you're all wanna-be racists" stuff, will you please? It is clear that racism has absolutely nothing to do with your problems, and you are just insulting people who are trying to help you. Furthermore, people on this list who are replying to you are (in great majority at least) just users of the rules, they did not write them - the SARE Ninjas did. So even if your intent *is* to insult people who wrote rules which are making you problems (which I hope it is not), you're insulting the wrong people. You've come to this mailing list (presumably) to ask people to invest their time to help *you*, something they have no obligation to. At least you could try to be polite to them (of course nobody can *make you*, but it will just lower your chances of getting help). Also note that SARE Ninjas are long gone - see main page http://www.rulesemporium.com/. So nobody could fix those rules even if they thought it was a good idea (and at least some people are not convinced it is a bad idea); and even if the rules could be fixed, still at least half the world would *never* update them to new versions. So you would still get blocked, only perhaps a little less. That is just a fact (based on extensive mailadmin experience), so trust me on that. Also please note that even when SARE Ninjas were here, they did not write those rules because they were racists that hated Taiwanese people - they wrote them them because they were effective (see below for technical info). > what. We use the Telephone Company's ISP. Yup. And somebody once decided that mail coming from your Telephone Company's ISP (and other places) is mostly spam. The last updates and test done in that rules file are from 2006, though, so it may have changed since. Here is the technical data (note: I'm not a SARE Ninja and never was, but I can read most rules and have written quite a few of my own): http://www.rulesemporium.com/rules.htm lists the problematic 70_sare_header1.cf rule with following comments: "the 70_sare_header1.cf ruleset contains rules which do (or in the past have) hit ham during SARE mass-check tests. The S/O calculated by SA's hit-frequencies scripts are all at or above 0.900. This file also contains rules which hit only spam, but fewer than 10 spam in our mass-check tests. Systems which are highly sensitive to false positives and/or tight on resources may want to exclude this ruleset, pick and choose among its rules, or lower their scores." In translation, it means that mail admins that choose to install 70_sare_header1.cf ruleset find it acceptable that 10% of legitimate e-mail *will be* wrongly tagged with such spam score. So for those mail admin that 10% counts as "acceptable collateral damage". If they did not think it was acceptable tradeoff, they would have installed only 70_sare_header0.cf not 70_sare_header1.cf and higher rulesets. If we take a close look at SARE_RECV_SPAM_DOMN0b rules in that ruleset at http://www.rulesemporium.com/rules/70_sare_header1.cf , we will see: #ham SARE_RECV_SPAM_DOMN0b confirmed (many) it means that it is known that this rule will mark many non-spam e-mails as spam. Detailed statistics could be found in #counts lines, for example: #counts SARE_RECV_SPAM_DOMN0b 1272s/39h of 173032 corpus (99056s/73976h RM) 05/11/06 says that on 11 May 2006, in a group of 173032 e-mails (99056 of them spam, and 73976 of them legitimate e-mails) by SARE Ninja "RM", this rules correctly marked 1272 of them as spam, and also WRONGLY detected 39 of legitimate e-mails as spam. Which is about 3% false positive, which is well inside defined 10% false positive for this ruleset. > J> He is, but it isn't a Hinet relay. At least not in the URL he gave. > J> It should be possible to relay out from your own ISP and not score > J> anything on SARE rules, without having to pay extra for "clean" SMTP > J> relaying (which is what seems to be happening here). > > Now you guys are saying I should go back to using Hinet.Net's SMTP, even > though my mom has already paid a 5 year contract for me at Dreamhost. Well, it depends on the results. Does the Dreamhost get you lower spam scores on average then using Hinet or not ? > >> The rule is buggy -- it's looking at all the > >> received headers, even the ones before the relay. > > Yes, and what may seem like a mere 1.6 points is causing me to have to > request the whole spam threshold of that mailing list > http://article.gmane.org/gmane.linux.debian.devel.eeepc/2850/raw be > lowered just for me, just because my mail is being tagged with a stupid > looking "mail Made in Taiwan, penalty 1.666 points" that I can't do > anything about, thanks to you guys and no one else. You know what I do ? On some servers I admin, I by default tag *all* the mail not written in Croatian language with 2.0 points spam. That includes all the e-mail in english and all the e-mail in taiwanese and quite a lot of other e-mail. I do that *not* because I am bloody racist and nationalist that hates everybody who is not Croat, but because those servers are supposed to get extremely low amounts of non-Croatian e-mails, and it helps greatly to reduce spam. It might hurt occasional out-of-country visitor once in a while, but only if they were already spam-suspicios. For me, that is acceptable tradeoff to having my users waste time on more spam everyday. > Also, I wonder why lots of my mail doesn't seem to get through to > people... and no, I don't want to bother them with various test > messages. Perhaps it is all again due to your sloppy rules? > > Actually, I could figure out some underhanded methods to get around > being detected as living in a Undesirable Country, but if ever detected, > I would surely get penalized even more points. If you were using such tactics to send significant amounts of spam, then yeah, you probably would be detected and blocked (probably not by SARE Ninjas though - they are gone for at least last 3 years). If you (not other people) don't use it to send spam, I seriously doubt that anybody would invest their time to write rules to block your mail, just because they are racists and hate to see non-white-people e-mail on the Internet. Heh, note that I was wrong above ! Despite they seemed quite dead for the last several years, at least one of the SARE Ninjas (or their associate with privileges enough) is not only alive but had heard your plea, and tried to help you on 28-Jan-2010 by putting: score SARE_RECV_SPAM_DOMN0b 0.0 it the 70_sare_header1.cf ruleset. However, that probably would not work too good, because: - they did not seem to update 70_sare_header1.cf.sig digital signature, so automatic update would probably fail even if someone manged to pulled it. - the "Modified" and the "#@@#" history on the top of the Ruleset are not updated (they should be) - the autoupdater (maybe because of previous error(s) ?) does not seem to pull that change - my sa-update says: [1016] dbg: channel: attempting channel 70_sare_header1.cf.sare.sa-update.dostech.net [1016] dbg: channel: update directory /var/lib/spamassassin/3.002005/70_sare_header1_cf_sare_sa-update_dostech_net [1016] dbg: channel: channel cf file /var/lib/spamassassin/3.002005/70_sare_header1_cf_sare_sa-update_dostech_net.cf [1016] dbg: channel: channel pre file /var/lib/spamassassin/3.002005/70_sare_header1_cf_sare_sa-update_dostech_net.pre [1016] dbg: channel: metadata version = 200605212000 [1016] dbg: dns: 5.2.3.70_sare_header1.cf.sare.sa-update.dostech.net => 200605212000, parsed as 200605212000 [1016] dbg: channel: current version is 200605212000, new version is 200605212000, skipping channel Hopefully someone can fix that issues also (note that it still won't help you in may SMTP servers which do not automatically pull new versions -- you will still have to contact every and each of them to do that manually if you want them to update the rule) -- Opinions above are GNU-copylefted.
