Re: An Amazing Fact

From: Andy Baxter (news2_at_earthsong.null.free-online.co.uk)
Date: 09/02/03 

Date: Tue, 02 Sep 2003 10:39:07 +0100

Alan Connor wrote:

>> Which is how you started the thread - so either you think I have a
>> terrible memory, or you think that by daring to suggest that there might
>> be anything wrong with your approach, I must be either a spammer or a
>> spam-sucker.
>
> There's nothing wrong with my approach. And I have nothing against FAIR
> and INFORMED criticism.

There are problems with it - for _some_, possibly many users, as I have
said. For example, as a few people have said, if you have a website for a
business, you can't afford to put off customers by making them return RAVs.
Considering that one of the people who made this point is running a
legitimate business selling linux CDs, I think this is fair and informed
criticism. For me as a home user, this is not a problem - there are a few
dozen people who I talk to regularly who could go in the whitelist, and
most of my other contacts are started by me, so your system would be more
suitable. I feel I have tried harder to be fair than many people on the
group, for example by acknowledging that there are problems with the
filtering approach as well.
 
>
> For
>> what it's worth, I make a personal point of never responding to
>> unsolicited emails even if they're for something I might want
>
> See? You actually READ the stuff!

Well you got me there - I used to get it all in my inbox and sometimes I'd
read some out of curiosity. Now all html mail goes in the spam folder, and
I just read the subject lines then mark them all as unread. If I get to the
point that I can trust this system, I may stop reading it altogether. So I
still have to do more work than if I had some kind of antispam program
running.
 
>> I don't know about 'most people' (and neither do you if you're honest),
>> but most of the people _that I have talked to_ don't like spam any more
>> than I do. Some people probably do expect to get something worthwhile
>> from it or the spammers wouldn't bother; whether they are in the majority
>> I don't know but I suspect not.
>
> What people SAY and what they really believe are often two different
> things.
>
> I think you know that.
>
> But the fact is that there wouldn't be any spam if the ISPs didn't allow
> it to happen and they wouldn't allow it to happen if they got clear
> messages to the contrary from the majority of their customers.

If enough people gave them this message, it would probably help matters.
 
> All they have to do, and this should be obvious, is refuse to handle
> anonymous mail.

not sure - it's technically possible to forge ip addresses and such. I'm not
enough of a hacker (in the positive sense) to know exactly what the score is
here, but I suspect
that most purely technological forms of security can be bypassed by someone
with enough wit and determination. Which probably would rule out a lot of
spammers, so you do have a point ;)

> and secondly when people take
>> the time to point out possible problems with your approach, and follow
>> this up with careful argument and personal experience, then as soon as it
>> gets to the point you might have to back down and reconsider what you're
>> saying, you either miss the point entirely or slag them off then killfile
>> them
>
>
> That simply isn't true.

It may be an exaggeration, but reading the posts you've made in this thread,
it is the general impression I have got of how you tend to respond to
criticism. You could always prove me wrong by replying to my questions in
the previous post?

> But I DO killfile people who tell lies about me on the Usenet, and if you
> do it again I will killfile you.

If it were me, killfiling them is the last thing I'd do - I'd want to read
their posts to make sure they didn't do it again.
 
> The rest goes unread.

why?

> I like my program, and it works better than SA by far.

I've said a few times - it's not a bad idea, but there are problems with it
you should consider, especially if you expect it to be used widely.

> I give it freely
> to people that want to use it, and even offer support, although only real
> newbies have needed that.

good for you.

> Now you can try again to engage me in intelligent conversation, but one
> more lie or malicious exaggeration and you are history.

To you, I would be history, to myself and the other parts of the world I am
in touch with, I wouldn't.

If you want intelligent conversation, how about replying to the 3 questions
in my last post? The last two wouldn't be a problem at the moment, when
only a few people use the system (you've said about 40 you know of), but
they would become more so if more people adopted it.

Have you thought of extending the program to allow POP filtering at the
server - i.e. download the headers to run the program against, then only
download the messages you actually want, with the 'Q' directory becoming
effectively those messages that are left on the server until the system
decides they are worth downloading. If this were possible, it would be a
significant plus point for your system, as most of the filtering methods
rely on some degree of body text filtering.

I'm not entirely convinced by the way you deal with auto-responders - can
you rely on these always using the same From: address that you wrote to? It
should be like this, but people set up their systems in strange ways
sometimes, and don't always get things right. For example I've had
legitimate emails with the X-Fake-Helo header.

In a similar vein, have you done an actual live test of what happens if you
send an email to someone else using elrav1, and you're not on their white
list? If this isn't done exactly right, there's room for mail loops
starting, which is bad news, so I'd like to know if you've done this test
in practice not just in theory.

Also, what happens with mailing lists - the From: header is often the person
who sent the mail, not the address of the list server, so you'd have to be
sure to filter on the right header. E.g. for the alsa list I'm on it's

List-Id: Advanced Linux Sound Architecture - User
<alsa-user.lists.sourceforge.net>

It might be better here to have the whitelist as a list of headers and
strings to filter on, rather than just From: addresses and domains.

andy. 

-- 
remove ' n - u - l - l ' to email me.
Please don't send me html mail or un-notified attachments. These will be
automatically filed under 'probable spam' unless I'm expecting an email
which hasn't come.
If you do need to send an attachment or html mail, put [attachment] or
[html] in the subject line.
Thanks, andy.

Relevant Pages

  • Re: [SLE] This list will be migrated to opensuse@opensuse.org
    ... violating trust, and will subsequently never be trusted again. ... all the suse lists I currently subscribe to do. ... you are probably better off filtering on the X-MailingList ... header rather than the subject line. ...
    (SuSE)
  • Re: Non English Spam
    ... Subject: Non English Spam ... encoded in one of the above character sets, ... You know all too well that filtering based on "Received" header ... language specific lists - if their message is not simply ignored. ...
    (freebsd-questions)
  • Re: An Amazing Fact
    ... > filtering approach as well. ... difference between spam and not spam. ... All they have to do is send an RAV to any address that tries to send mail. ... and I use it for mailing lists. ...
    (comp.os.linux.misc)
  • Re: OT: Can IMF be tweaked
    ... >> is sent to other Exchange servers. ... Does Sender Filtering bypass IMF? ... >> blocked senders lists are not available. ...
    (microsoft.public.windows.server.sbs)
  • Re: IP ranges used in North America, Hawaii, and Alaska?
    ... >> If you are trying to cut down on spam, ... > *Filtering* all that crap would cost a lot more. ... > That trick became useless when lists of dynamically-assigned ... The larger the network -- and presumably the more likely employees will ...
    (comp.os.linux.security)