--- Begin Message ---
Mr Hughes,
> Hi there Paul. I'm currently maintaining the SpamAssassin
> project for Justin Mason while he's off on vacation. He's
> the guy, by the way, who jokingly put the "profit is dirty"
> message on his webpage.
I will adjust the page to reflect that. I'll also note that
anything that has the demonstrated potential to seriously
screw up someone's income is not the place for "dirty money"
jokes.
> I thought I'd point out your page is factually innacurate
> in a few places:
I'll be happy to correct any inaccuracies in the article, if
I'm convinced that they are, in fact, mistakes.
I will also note that the software is a group project. That
will require amending a number of comments. It also explains
some things.
> 1. SpamAssassin does not block mail. There is no facility
> for blocking or bouncing mail in SpamAssassin, and blocking
> or bouncing is highly discouraged both in the documentation,
> and on the SpamAssassin mailing list.
I'll adjust the article to say "Tagging." Perhaps your end
users aren't paying as much attention to your recommendations
as you think. In the example I described, the software
involved was SpamAssassin, and the mail was in fact blocked.
To be more precise, it was discarded.
Technically different from an SMTP language standpoint, but
not from an end-user perspective.
> In cases where people have the mail filed off to a separate
> folder, we strongly urge them to tell their users to
> regularly check their SPAM folders to ensure that nothing
> got misfiled.
See above.
> 2. Not having a Reply-to header is not a rule. Having a
> Reply-to header which has no address in it is the rule I
> think you're referring to.
That's not how it read to me in the explanation, but I'm glad
to hear that, and will remove that from the article. Yes, that
is MUCH more unlikely in legitimate email. Thanks for the
correction.
> And then, under the default configuration, the message
> subject will just get tagged to indicate that SpamAssassin
> thinks the message is spam. Nothing gets deleted or
> bounced.
I'll correct that. So, this means that the ISPs involved
actually went out of their way to redirect mail that
SpamAssassin tagged as spam to the bit bucket.
That will be of great interest to the publisher involved.
She's seriously considering a lawsuit, and that will very
likely add to her "Sue the bastards" column.
> 4. SpamAssassin exposes many different ways for ISPs to
> ensure that their individual users can control the way their
> incoming mail is analyzed.
And many different ways to lose mail, nonetheless.
> [snip] but I just want to try and make it clear to you that
> while I'm at the helm of the SpamAssassin project, I will
> continue to endeavor to make sure that SpamAssassin
> minimizes tagging of nonspam as spam.
I have no reason to doubt your statement of intent. I'll
adjust the article to note that you claim this. However, I
will continue to strongly recommend against any sort of
content filtering which isn't left entirely under the control
of the user.
I will also strongly urge people to leave any ISP or service
provider who moves email into separate folders. In practice,
this has always shown itself to end up in lots of mail being
lost because people simply don't think to check those separate
folders.
I wonder... Do you participate in many business discussion
lists? If so, would you take the time to check SpamAssassin's
tagging of some of the posts? Look especially for "spam signs"
in the signature files of many of the posters. You'll be quite
surprised, I think, at the number of high scoring false
positives that simple sig files will generate.
> The overall tone of your essay indicates I'm some kind of
> raving anti-spam bigot who's intent on enforcing his will on
> the world's email.
Not you. The person who wrote "Profit is dirty."
That should be fairly clear in the context. The Internet makes
it very simple to distinguish between a joke and a political
statement.
No such distinction was made. The presence of things like toll
free numbers and other items that are clearly hallmarks of
legitimate business correspondence does tend to support the
rational belief that the author meant exactly what he said.
However, I'll be happy, as I said, to amend it to reflect the
claim that it was a joke, and point out that it's in extremely
poor taste in this context.
I remain unconvinced that he was joking, but that's purely an
opinion.
> If you do not do so, I will take it as a sign of malice, and
> will proceed accordingly.
Ah, yes. When filters don't work, bring out the lawyers.
I'll adjust the page because there are facts involved and I
prefer to represent things accurately.
Malice would be more than a little difficult to prove, Mr
Hughes, since there is none involved. And frankly, I prefer to
believe that your intentions are good and your software is
simply misguided and being misused. I have no reason to
believe otherwise. It's been my experience, as I mentioned in
the article, that most spam fighters have very good
intentions. Lousy results, but good intentions.
Otherwise, I'd happily spice it up even more, and welcome the
chance of a lawsuit, simply to bring more attention to the
issue.
The revised version has been posted. The errors you point out
have been corrected. And the fact that this is a collaborative
effort required changes in the commentary.
If you still think it's defamatory, you're going to have to
bring on the sharks, Mr Hughes.
Paul
--- End Message ---
