The only significant source of FPs on this list come from VERY
specialized lists like the Linux Kernel Mailing List. Some bug
reports, some patch lists, and some new kernel version announcements
contain enough strange words that the three letter groups and the
chickenpox rules over trigger.
With that in mind it'd be REALLY nice if I had a way to conditionally
use rule sets based on other rules. "If it's not from the LKML then
apply these rules, otherwise skip them."
Making a meta rule set of all the chickenpox rules has resulted in
a really ugly rule. But it did get my FP rate down some.
I have found, in general, that whitelisting mailing lists is not a
very good idea. This is particularly true with the LKML, which is
too large for anyone to moderate effectively. That is why it is not
white listed. I also find spams appear on unmoderated Yahoo Groups.
Again a blanket white list of the sort you propose would likely turn
me white with anger while I tried to find it in the code to utterly
destroy in some ugly manner as a surrogate for what I'd like to do
to whoever might have the impulse to include it in SpamAssassin. I
don't think that is what the SpamAssassin team means by the term
"whitelist."
{^_^}
----- Original Message -----
From: "Rob McEwen (PowerView Systems)" <[EMAIL PROTECTED]>
> RE: Whitelisting Groups/Lists
>
> (from another thread)
> >address triggers that flag - even though
> >it talks about a URL. For example,
> >on one mailing list there is a poster
> >who posts from a .biz address. Any
> >thread
>
> Remember that article on spam filtering a month or two back where people
on the SA thread were upset about SA's treatment? (I forgot the article...
but most here will recall what I'm talking about).
>
> Well, coincidentally, I e-mailed him to ask him some follow-up questions
and the one thing that he mentioned is that the largest source of FPs across
the board with all spam filters that he found in his testing were mails
generated by discussion lists/groups, (like the SA list, for example.. but
these were general discussion lists, not merely ones about spam.)
>
> So many topics and web sites can be discussed in these lists. Also, you
have that pesky problem where the domains of so many users show up in the
body of the e-mail inside their e-mail addresses. Also, what happens when
comment spam gets into the list message?
>
> Clearly, there is a need to do a better job of whitelisting these, but
without whitelisting other real spam.
>
> Does anyone know of a ruleset or resource where the largest of these are
listed with guidelines for whitelisting them (send server IP, etc).
>
> Thanks,
>
> Rob McEwen
> PowerView Systems
