Craig Hughes said:
> And there's also the computation time involved in checking a > rule -- particularly when said rule might be poorly written and > have unpleasant regex characteristics. Could easily lead to > deliberate of accidental DoS attacks against the machine hosting > the CGI. I think it's somewhat impractical unfortunately... It would be very handy, however -- new rule development is a lot easier with a good spam/nonspam corpus to test it against. It's especially useful for spotting FPs that are not obvious, and would help decentralise the rule QA process. As someone suggested, maybe a good way around the security and resource-usage implications is to make it a strict authenticated system... that way at least you can *tell* who DoSed the server by accident ;) --j. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Stuff, things, and much much more. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
