Re: Spam on the list

• Previous message: Seth Arnold: "Re: Spam on the list"
• In reply to: Seth Arnold: "Re: Spam on the list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Seth Arnold wrote:

>On Fri, Aug 29, 2003 at 10:36:03PM -0400, John S. Wolter wrote:
>  
>
>>Would it be ok with the list if I approach them about providing 
>>Anti-Spam services?  The service interjects itself just before EMail 
>>    
>>
>This doesn't sound like a great deal to me. (a) spamassassin is free --
>
I agree with Seth: no, I don't want to change away from Spamassassin at 
this time. Some observations:

    * LSM was spam free for the first year or so, because we used the
      "closed list, moderate posts by non-subscribers" method. This was
      unacceptable to the LKML group, so we had to open it to
      cross-posting and use Spamassassin to filter the resulting spam.
    * Both Spamassassin and Mozilla Bayesian filtering (what I
      personally use) have been suffering more false negatives (spam
      leaking through) lately. I attribute this to more sophisticated
      effort on the part of the spammers to bypass simple filtering.
      They are using a variety of tricks, which I believe work equally
      well on most filtering techniques that don't have a human in the loop:
          o Carefully avoiding "red flag" words like "penis" and
            "mortgage", and instead using either synonyms or mis-spellings.
          o Populating the post with "good" text (excerpts from actual
            good text) to confuse score-based filters.
          o Segmenting words with HTML comments, so that whole "bad"
            keywords are not visible as such unless you do HTML
            rendering before filtering.

In the face of an intelligent adversary, almost all current spam 
filtering methods are kludges that lead to an arms race. The ones that 
don't are deemed too inconvenient: challenge/response and close mailing 
lists. IMHO, things will continue to degrade until a fundamental change 
is made to either spam law or SMTP protocols. In the mean time, I'm 
quite happy with our current kludge (Spamassassin) and don't really want 
to change to a different kludge: the Spamassassin people make continuous 
improvements, and we benefit from that.

Crispin

-- 
Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
Chief Scientist, Immunix       http://immunix.com
            http://www.immunix.com/shop/


_______________________________________________
linux-security-module mailing list
linux-security-module@mail.wirex.com
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Grace: "Should I rent my home or buy?"
• Previous message: Seth Arnold: "Re: Spam on the list"
• In reply to: Seth Arnold: "Re: Spam on the list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Aug 30 2003 - 11:31:08 PDT