Quinlan: Any technique that tries to identify "good" mail without authentication backing it up, or some form of personalized training. It worked well for a while, but it's definitely not an effective technique today.
Is he referring to a system which might assume all mail is spam unless "proven" good? Or, is he referring to whitelisting senders? Or, something else. The reason that I ask is because I'm wondering whether whitelisting is really a good idea. It seems like every article in the world on spam filters says, "a product MUST allow for whitelisting senders or it is no good". However: (1) I suspect that the ability to whitelisting senders is more of a way for poor spam filters to hide their poor quality from those situations where their blocking of legit messages would be most noticed. Often, blocked legit messages go unnoticed... until someone you know personally says, "did you get my message about...". Whitelisting senders minimizes such situations... but, ideally, a filter shouldn't block legit messages to begin with. (2) A second problem with whitelisting senders is the potential to whitelist spam that is being sent by a virus which simply played musical chairs with someone address book. Theoretically, a spam virus could "go to town" if the recipient had whitelisted the same sender that the virus randomly picked to place in the "FROM" of that spam. But, am I being paranoid? Does anyone know of this happening? Also, maybe a good compromise is to simply lower the score if the sender is on a "trusted sender" list. Personally, the biggest problem I have with blocking legit messages is when a client might tease his friend about his friend having a small "member". It is easy for this to be caught by rules.... so I do see the need for "trusted senders"... But I just feel a need to rethink the way that this should be implemented. Any suggestions? Rob McEwen PowerView Systems
