On Thu, 4 Dec 2003 16:39:35 -0500, Chris Santerre <[EMAIL PROTECTED]> writes:
> These are definetley in SPAM and HAM. Same goes for the xmr3.com domain I > was talking about earlier. So Now I have a problem. When I said I wanted > zero FPs, I didn't forsee the fact the spammers were using some of the same > hosts as legit email. This sucks. This is rather an important issue. Solution is to have two (or more) lists. Domains that have never occured in ham. Domains that have a small number of FP's. (couple of percent) Also, for reference, have a third list of domains that are confirmed to be FP's, so that they may be automatically removed from the other two lists. > Up until now, no one has really done anything with hosts. This is kind of > the first instance where it will make a large impact. I'm sure no one has > ever complained to these hosts. We have all been complaining about ISPs > where the email comes from, not image/web hosting of spammers. Tell that to Spamcop. They robospammed an email to the IT staff here accusing my research website of being spamvertized --- it was linked to in the SANS security newsletter. > Leave these domains in, email gets marked as spam. People begin to complain. > Spammers will/may get kicked. Although that is doubtful as hosting > spamsite/image isn't really againist Usage Poilcies. However legit customers > may learn that there host is being marked as spam and go elsewhere. THAT > hurts the hosts the most. As someone pointed out, just because an image is hosted doesn't mean that the the hoster endorses or wants it. For instance, they may embed this URL into their spam. http://www.v**gr*.com/consumer/images/features/mlbLogo.gif > I went thru my spam corpa (I got an english lesson today!), and found these > in definate spam. bfast.com was all over my spam corpa. I personally don't > want to take them out. Take it out. If you promise no collatoral damage in evilrules, follow through. Have a second list where you explicitly say that there are known FP's. > I guess we need to start forwarding spams not only to email host, but image > and web as well. With the intent that if they continue to host spam, email > containing their domain will be marked as spam, and not delivered. (yeah I > know.) If you want to go down the route of collateral damage on 'spam supporters', its already been done. Just take every URL and run it through SPEWS. I emphatically hope the answer is no. Scott ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
