-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 08 April 2002 16:10 pm, Bart Schaefer wrote: > The first thing you need is an algorithm for determining > whether two messages are similar enough to be considered the > same. E.g., Razor uses a hash of a stripped subset of the > message. > > Using your example of a "honeypot" account, a sufficient > measure of "looks like spam" might be that the sender has > previously mailed to the honeypot.
However, if one is just interested in using a honeypot, it's a lot more effective to just send the messages into Razor. The advantage of finding a better solution is obvious: If you can compare 1000 mailboxes, for example, and any message that occurs more than X times should be deleted from all of them. (As pointed out by someone else, you'd need to detect legitimate mass mailings.) I'm not trying to cut down your idea. My goal is to promote some good discussion. Does anyone have ideas for this system? I'm thinking it may be possible to modify the Razor server code (if/when that is released -- I'm not up to date on the Razor server situation.) so that the server would tally the number of times a particular checksum was entered. Once it's above a certain threshold, it would begin reporting this to clients that are asking if a certain checksum is in the database. (Or, possibly, the checksum would then be pushed out to other Razor servers.) In this plan, all mail would be reported to the Razor server. I think this is similar to how the DCC system works. I could be off-base here though, as this isn't my area of expertise. Just some food for thought. Richie Laager -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8sg5obfU6uV4fG84RAhtzAKDSKL+b4s15OZEo0IPsM0EuWbeQ5wCgnGQ4 whC/Z58Hqzf8vA9kOXjHDOA= =xj19 -----END PGP SIGNATURE----- _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk Sponsored by http://www.ThinkGeek.com/
