Idea for increasing effectiveness

Posted Sep 12, 2002 3:25 UTC (Thu) by Strike (guest, #861)
Parent article: Spam avoidance techniques

Maybe I'm crazy, but I don't see why you can't simply daisy-chain the two together to provide even better results. This way you can tweak SpamAssassin to a good enough target score that won't produce false positives (I've found that an aggregate score of 8 or so without changing any of the test scores does a fine job, though does miss a few), and then the mails that have gone to great enough length to assure that all the header tests, MX tests, subject tests, and content (such as MIME type) tests that SpamAssassin does don't pump up the score very high will be subject to the Bayesian approach as well.

This way, spam mails that are clever enough to pass one but not the other, will be tossed aside.

to post comments

Idea for increasing effectiveness

Posted Sep 12, 2002 22:54 UTC (Thu) by gswoods (subscriber, #37) [Link] (3 responses)

I am curious about the legal issues. I personally am not a lawyer, but
when I have taken tutorials at conferences on Internet legal issues, I
have been warned repeatedly about content filtering. SpamAssassin and the
Bayesian filters are content filtering, because they examine the content
of the message itself and filter based on that. This is fine for the end
user to do, but if you do it as an organization, you are potentially
opening yourself up to a big liability. Remember the Prodigy case? The
ruling there was essentially that, since they were doing content filtering,
they were liable for whatever *did* get through. So if you use SpamAssassin
on the organization's mail server, and one of your employees gets a kiddie
porn spam in spite of that and is offended by it, you could be sued.

We have started using IP blacklist filters here. This is safer from the
legal point of view, because the content of the message itself is never
examined. The message is rejected before it is ever sent. Our blacklist
filters have a lot of false negatives, but the problem with false positives
has been nearly nonexistent. Also, I used to get hundreds of bounced spams
every day, and the number has dropped to nearly zero since we started filtering.

I think IP blacklists still have their place.

Sued ?!?

Posted Sep 13, 2002 10:16 UTC (Fri) by job (guest, #670) [Link] (2 responses)

It sounds like the problem is that you don't live in a free country, rather than being a problem with content filtering.

Sued ?!?

Posted Sep 13, 2002 16:36 UTC (Fri) by gswoods (subscriber, #37) [Link] (1 responses)

Yeah, right. And just where is this 'free' country?

US law has lots of problems, but so does anyplace else.

Besides, this is a gratuitous anti-American comment. There's no need for
that here. We all have valid reasons for living where we do. I think it
would be stupid to move to another country just so that I could be free
to filter content for an entire organization. And it's just as easy to
argue that content filtering restricts the freedom of employees to use
the Internet. I'm not saying I agree with that argument, but you have to
be very careful when glibly tossing around the word 'free'.

Lastly, content filtering is not illegal even here. It's just that if you
filter, then you're responsible for what gets through your filters.
Personally, I would agree that's silly, but that's what the courts have ruled.

Sued ?!?

Posted Sep 19, 2002 11:08 UTC (Thu) by job (guest, #670) [Link]

Oh, I have no idea you lived in the US. It was not an anti-American comment at all, just pro-free society, no matter where on Earth it may be. Don't take it personally.