On Mon, 4 Mar 2002, Scott Doty wrote: > On Mon, Mar 04, 2002 at 02:29:14PM -0500, Rose, Bobby wrote: > > I've perused the razor list archives and my take is that they will > > release the server daemon once they deal with the trust issues. They > > don't want to have spammers setup a server and go thru and delete all > > the hashes from the database. > > > > Besides what difference does it make. If you are using Spamassassin, > > listed in razor is only a score of 3. Also, I'm seeing spam messages > > with unique lines at the tail of the message body which would generate > > it's own unique hash. The unique line is also the id in the To field. > > So it may not even pay to register these though I'm doing to see how > > many more spams trigger a razor score to see if it does make a > > difference. > > Just a point on the curve... > > While we've had an SA server up for a while, I've personally just started > using SA just last week. Out of 35 spams it's caught, 13 were listed in > Razor, including one that would have otherwise scored under 5. > > One of our senior system administrators, Kelsey, has had contact with Vipul > -- I understand Vipul is working on incorporating "fuzzy" hashes into Razor > using the nilsimsa algorithm. (See http://freshmeat.net/projects/nilsimsa/ > for more information.) > > I think the fuzzy matching would be much more appropriate for detecting spam > than a checksum or SHA hash.
I'm not sure how Vipul is going to do this (I don't follow the Razor list since Razor is so unreliable that we don't use it). I spent a week investigating Nilsimsa, even wrote a perl module for it (which I may release if I get permission), but the problem is that you have to run the nilsimsa check over every single hash in the database before you know you have an approximate match. This gets slow. I generated about 50,000 nilsimsa hashes as a test, and running the nilsimsa test on those took over a second. Way too long. So I ditched the idea of using Nilsimsa a while ago. -- Matt. <:->get a SMart net</:-> ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
