Re: Every spam is sacred
On Sun, 15 Jun 2003, Manoj Srivastava wrote:
> Santiago Vila <sanvila@unex.es> said:
>
> > Mathieu Roy wrote:
> >> > IMHO, the best of both worlds is blocking the *completely*
> >> > obvious spam (open relays, etc. like the DSBL does) and filtering
> >> > the rest.
> >>
> >> A message sent via these bad ISP is a "completely obvious spam"? I
> >> would be happy to share this simplistic approach.
>
> > You are the one being simplistic.
>
> How so? An open relay is a configuration that may be conducive
> to spam, but it does not follow that every message that comes from an
> open relay is spam.
I called Mathieu simplistic because he was talking in terms of "bad ISPs",
"good ISPs". I bet that most ISPs do not have their main SMTP servers as
an open relay, because otherwise they would have serious connectivity
problems with the rest of the world.
> >> A workaround for the problem this policy creates: at the contrary
> >> of what you said, you rarely can say whether a mail is spam or not
> >> just with an IP.
>
> > For some IPs, yes, I can, with 99.95% of confidence.
>
> Firstly, that is a statistical project based on a limited
> number of surveys, and may not truly represent the distribution of
> spam and ham at any given IP address in the RBL.
Yes, it's a statistical guess, based on the data provided by Duncan.
The real data could be lower than 99.95%, but it could be also higher
than 99.95%, so unless you have better data, that's all we have.
We could have better data if we had DSBL in warning mode, but you
know, debian-admin have said "no" because of the high number of false
positives this X-RBL-Warning: header would produce.
> Secondly, the threshold may well be different for everyone, so
> just because you are comfortable does not mean others are.
I already know, Manoj. If there would not exist recipients_reject_except,
you and debian-admin would probably consider 99.95% not enough, and
would ask for this figure to be 99.9995% before we agree to use DSBL
site-wide for everybody, which means if it was only 99.9994%, in
order for you not to miss your valuable false positive I should receive,
download and handle 200000 spam messages, which is 1Gb of spam.
Does my inbox and bandwidth have some value for you, Manoj?
Reply to: