[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IMPORTANT: your message to html-tidy



on Wed, Sep 10, 2003 at 10:28:46AM +1000, Craig Sanders (cas@taz.net.au) wrote:
> On Tue, Sep 09, 2003 at 07:49:36AM +0100, Karsten M. Self wrote:
> > on Tue, Sep 09, 2003 at 11:07:39AM +1000, Craig Sanders (cas@taz.net.au) wrote:
> > > Percentages:
> > > spam:non-spam (25512/29605) 86.17%
> > > accepted spam (382/4475) 8.54%
> > > rejected spam (25130/25512) 98.50%
> > > 
> > > i'm reasonably happy with that.  98.5% of all spam was rejected
> > > outright.  only 382 spams (1.5%) made it through my postfix access
> > > lists, RBLs, etc to be tagged by spamassassin.
> > 
> > I'd argue that differently.
> 
> fine.  on YOUR system, argue it however you like.  on MY systems,
> however, MY rules apply.

That's actually a pretty good restatement of the issue.

This is your machine.  You are the sole judge of what is or isn't spam.
You're not compelled to respect the wishes or needs of other users.

Where this isn't the situation, where you are serving a diverse userbase
-- say, the other 40 peopoe at your company, including international
sales and marketing staff, or the 3,000 subscribers to your small ISP,
or the 35 million subscribers to AOL USA, not to mention European and
Asian subsidiaries, then rigid blocks such as you're proposing simply
don't work.  Spam filtering is always simplest when one person decides,
and controls, what the definition of spam is.  In order to generalize
spamfilteringing, you have to use a system that's adaptive to the needs
of its users.

If spam filtering is going to become useful and widely deployed
*without* Balkanizing the Internet, then approaches such as yours (which
is essentially what AOL is doing now) cannot be widely used.

On your own system, for your own use, sure.  For general use?  Nope --
Debian could never ship that.


> > You've blocked a total of 6016 mails of 55,117 attempted deliveries,
> > based on the IP address of the sending MTA's IP address.  
> 
> you can't count, you can't read, and you can't reason, either.   i
> have no idea where you got your numbers from, they bore no
> relationship to the stats i posted.  

Counting lines w/ 'RBL' on 'em I got 6016 messages.  I added your spam
and non-spam totals (or what appeared to be these) to get 55,117.

Precise counts are less significant than the fact that you blocked
several thousand messages on the weight of originating IP block alone.

> furthermore, you don't have access to my mail logs, so you can't see
> all the obviously spammer email addresses that were blocked.

This is precisely the point I'm *not* making.

It's not about how effectively this works for you.  It's how effectively
it works in a general form.

> i use spamassassin as a content filter.  i also use my own blacklists,
> access rules, RBLs etc to reject spam during the SMTP session.  this
> minimises the amount of spam that SA has to process (i have thousands
> of custom SA rules, not just the default ones), minimises the amount
> of spam that makes it through to my mailboxes, and minimises the
> number of undeliverable spam bounces clogging up my mail queue.

My own experience with SpamAssassin was that, once I'd put it in place,
I was far better off relying on its rules for filtering spam, and
reducing my own procmail scripts to sorting listmail.

I'll grant that you reach the point where SA on old HW for an
appreciable mail load isn't feasible.  The alternative, again, for a
site serving a diverse user base, is to realize that mailserving is no
longer a low-end system, lightweight task.

Running SA on modest HW with networking rules disabled can filter 20-40
messages/hr according to Dan Quinlan (SA developer, personal
conversation).


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Defeat EU Software Patents!                         http://swpat.ffii.org/

Attachment: pgpYUL1O4CBui.pgp
Description: PGP signature


Reply to: