Re: Every spam is sacred
Manoj Srivastava wrote:
> From: Santiago Vila <firstname.lastname@example.org>
> Subject: Every spam is sacred
> Message-ID: <Pine.LNX.email@example.com>
> How will we be able to discuss about DNS Blocking Lists in an objective
> way if they continue to put all the DNSBLs in the same bag? How can
> they say "no" to using some of them in /warn mode without (apparently)
> even having informed themselves about the way SBL and DSBL operate?
> Even if using SBL and DSBL would produce false positives (we could
> easily check this by using the /warn mode during a week or two), there
> is still a question that we should ask ourselves: How many avoided
> spam messages are required to match the value of one "false positive"?
> One thousand? One million?
Yes, I suggested two different things in the same message:
a) Have X-RBL-Headers:. I have yet to see which harm would they make,
other than opening the eyes of those who think all DNSBLs are evil(TM).
b) That we think about the high price we are paying for the mail we
receive at @debian.org.
Nobody answered to b), not even a partial answer, as if the price of a
false positive was "infinite". I'm not sure I can't accept "infinity"
as the price of something.
With the help of Duncan Findlay, I have now some interesting data:
Assuming that we receive approximately the same amount of spam and non-spam
(a recent survey says that spam is now more than 50% of all email),
the Bayes rule says that probability that a message sent from an IP in
the DSBL is spam is about 99.95%. This is equivalent to saying that
for each approximately 2000 messages that you receive from an IP
listed in the DSBL, only one of them is not spam.
In other words: For you, Manoj, not to miss your valuable "false positive"
I (and everybody) have to receive and handle 1999 spam messages.
I think this is simply not fair...
Anyway, exim has a variable called recipients_reject_except, so there
is no point in discussing about site-wide blocking when we can do
Assuming some consensus in that if we were to choose a single DNSBL to
be implemented site-wide-with-exceptions-for-those-who-ask, the DSBL
would be a good choice, what would you think about making a list of
people to be put in recipients_reject_except and asking debian-admin
to enable list.dsbl.org for everybody except those who ask to be