On Thu, 7 Mar 2002, Scott Doty wrote:
> On Fri, Mar 01, 2002 at 09:50:03PM -0800, Rob McMillin wrote regarding
> the "FROM_SPAMLAND" test:
> ] http://www.geocrawler.com/lists/3/SourceForge/11679/350/7984404/
>
>> /\.(?:kr|cn|cl|ar|hk|il|th|tw|sg|za|tr|ma|ua|in|pe)(?:[\s\)\]]|$)/
>> Let the spear-chucking commence!
>
> I took this suggestion to our local antispam list, and solicited user
> input. The following is a summary of responses...
>
> For: 5
> Against: 1
>
> One lady belongs to an amateur radio discussion group, and was against
> the test, as it would block a goodly chunk of mail from the list. One
> of the gentlemen for the test pointed out that he had recently
> conversed with a group of folks using one of these tld's, giving them
> some Linux help off-list. Nevertheless, he was for the test, as long
> as the default score was 0.
>
> Those for the test suggested modifications:
>
> * Default score = 0
I think that's probably a good idea for the test as it stands because
it's a fairly uncontrolled score applied equally to a /large/ proportion
of the world.
> * Separate tests for each tld (so that score for each tld can be
> controlled)
This would be a really good idea ... combined with the GA scoring
system. Of course, you probably want to add tests for every TLD, not
just the set there.
Then you can let the GA work over the corpus and calculate what is and
isn't a source of SPAM at this point in time.
[...]
> One notable comment follows:
>
> YES! When it comes to nuking spam, I say "Screw 'politically correct'
> with a nail-studded baseball bat doused in battery acid. JUST DO IT!"
Ah, someone who has never had to support users outside of their own
country...
[...]
> Not once in my 'net life have I seen a non-spam message from ANY of
> the domains showing in the test as listed in your post. "Kill 'em all
> and let /dev/null sort 'em out!", sez I.
...because everyone has the same set of correspondents that they do. ;)
> While most people were not as vociferous in their support of the test,
> the message seems to be that some inspection of tld's would be
> appreciated.
I can't say that I object to it, personally. I just think that it's
worth feeding the whole lot of 'em into the GA[1] and letting /it/ sort
them out.
It's what the GA is good at doing -- working out, through enlightened
guesswork, what is and isn't a good indicator that something is SPAM.
I would also /strongly/ suggest that they are put into a distinct file
so that it's trivial to disable them and, in all likelihood, not
installed except as an "additional" *inactive* score file.
...and should I mention that I regularly see non-SPAM from about half of
those domains in lists that I am on?
Daniel
Footnotes:
[1] ...possibly just the ones that have actually been used.
--
Keep a diary and one day it'll keep you.
-- Mae West
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
