On Sun, Jan 11, 2004 at 03:14:37PM -0600, David A. Carter wrote: > the message differ from the original, I figured I better --forget the > original first. Was this not needed? Did I even need to remove the habeas > marks first?
If you learn a message that has already been learned as the opposite type, SA will auto-forget it before learning the way you specify. :) As for removing the Habeas marks ... I wouldn't do that, since they are, in your case, an indication of spam. > Does SA come configured to check the infringer's list, or is this something > I need to configure? It's default if you enable network checks (it's an RBL). :) > Also, what do you think about this mail getting auto-learned as ham? It > seems to me, spammers could exploit this by sending large amounts of spam > from throwaway untraceable accounts with phony habeas marks; thereby getting > a large amount of bayes poision in spamassassin ham databases. Perhaps, > since an email with a habeas mark will always get through as ham anyway, > such emails don't need to be autolearned? Well, this is less a question of "should it be autolearned" and more of a "how good is the Habeas system"... In the perfect world, it's not forgable/misused and you would always accept it as a sign of ham, and therefore autolearning is desired. Since we don't live in the perfect world, the question is: can the Habeas folks act fast/complete enough so that forging/misusing the mark is completely minimized? If they can, then there's not a huge issue -- yeah, some spam will get through, but they'll quickly be squashed and there you go. If they can't, then their whole business plan fails as people start ignoring the mark, and again no problem since the SA rules would go away. It's like any other whitelisting system out there really. -- Randomly Generated Tagline: "... before engaging in a battle of wits, one must ensure that one's opponent is armed." - Jamie Zawinkski
pgp00000.pgp
Description: PGP signature
