(I'm not sure if this subject has been discussed before, as i'm not
following the list all the time)

How about separating the rules from the SpamAssassin distribution
itself, and offer them as a separate package? This would be similar to
the way intrusion detection systems (Snort, etc.) and antivirus
applications work.

It looks like there's a lot of similarities between SpamAssassin on one
hand, and IDS and antivir. on the other. There's an engine performing
the actual work, and a set of rules/signatures that are used to identify
the bad stuff (malicious traffic, virus, spam). As long as some
compatibility is maintained, these things can evolve separately.

Especially in the case of the Snort IDS, this model seems to work pretty
well. They offer the engine as a separate tarball/package, which is
updated moderately often (just like any other piece of software). They
also offer daily tarballs with updated sets of rules, both for the
"stable" branch of their software, and for the "development" one.
The rules are updated all the time, they have a mailing list dedicated
to that, people contribute with new rules and/or updated ones, etc.
This way, the developers can afford to let the engine go at its own
pace, and update it only when it's really necessary, and yet offer a
_very_ up-to-date intrusion detection tool to the users.

I could be wrong, but it seems to me like the same thing might work for
SpamAssassin as well.

Just my 0.02$...

-- 
Florin Andrei

I updated my website:
http://florin.myip.org/



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to