On Wed, Feb 08, 2006 at 11:49:09AM -0500, Matt Kettler wrote:
> Jim C. Nasby wrote:
> > On Wed, Feb 08, 2006 at 11:29:36AM -0500, Matt Kettler wrote:
> >> However, looking in the config files, HASHCASH rules have the userconf flag.
> >> This means that the Autolearner will also ignore these rules too, as SA will
> >> treat it as a user configured whitelist.
> >>
> >>
> >> So, this message had an autolearner score of +0.135 from the
> >> FORGED_RCVD_HELO.
> >
> > Ahh, so hashcash scores don't actually count towards learning. Should
> > maybe be changed...?
>
> I'm not entirely sure.. Part of me thinks it's a good idea to not count it,
> since it does effectively behave a bit like a user-configured whitelist.
>
> I mean, if you start accepting hashcash for learning, then you probably should
> also accept whitelist_from_spf.
>
> Realistically, hashcash doesn't provide any proof the sender isn't a spammer. It
> merely provides proof they are willing to burn some CPU time to send you an
> email.

Sure, but I think it warrants a small negative learn score. I'd expect
that real spam would have plenty enough positive score to ensure that it
didn't get learned. Of course I guess part of this is that the default
learn ham score of 0.1 is probably too high...

> In the era of spammers using enormous botnets a little CPU time really costs a
> spammer very little. They're much more limited by network bandwidth than
> available CPU power when they control 10,000+ infected PCs each with a cable/dsl
> uplink speed of 128k-1mbit to send spam with.

True, but if they start burning that kind of CPU generating postage the
owner of the machine is more likely to notice something's wrong...

> >
> > BTW, I was reading http://article.gmane.org/gmane.mail.spam.hashcash/803
> > last night, and I'm wondering if there's been any progress on a way to
> > enable hashcash without requiring users to supply emails they receive
> > stamps for?
>
> The hashcash_accept command accepts file-glob style wildcards, so this should
> work:
>
> hashcash_accept *
>
> or safer:
>
> hashcash_accept [EMAIL PROTECTED]
>
> The problem with wildcards is that a spammer doesn't need to compute a hash on a
> per-recipient basis. They merely need to do it on a per-message basis, which
> makes it much less expensive for a spammer to use.

Yeah, I was specifically wondering about getting it into the default
config. It seems like it would be a very useful tool if more people used
it, and having it work by default in SA would undoubtedly go a long way
towards getting people to use it.

BTW, there were 3 proposals in that thread to combat generating one
stamp per email.
-- 
Jim C. Nasby, Database Architect [EMAIL PROTECTED]
Give your computer some brain candy! www.distributed.net Team #1828

Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
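
The wildcard trade-off discussed in this message, shown as an added example (not code from the thread or from SpamAssassin): a receiver-side check of version-1 hashcash stamps against glob accept patterns. The addresses, the `bulk` resource, the salt and the 12-bit cost are constructed assumptions, and date expiry is left out.

```python
import hashlib
from fnmatch import fnmatchcase
from itertools import count

def zero_bits(stamp: str) -> int:
    """Leading zero bits of SHA-1(stamp), the work a v1 stamp proves."""
    bits = 0
    for byte in hashlib.sha1(stamp.encode()).digest():
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits

def mint(resource: str, bits: int) -> str:
    """Sender side: search counters until the stamp hash has `bits` zeros."""
    prefix = f"1:{bits}:060208:{resource}::constructedsalt:"  # constructed fields
    for counter in count():
        if zero_bits(f"{prefix}{counter:x}") >= bits:
            return f"{prefix}{counter:x}"

def check(stamp: str, accept: list, min_bits: int, spent: set) -> str:
    """Receiver side: one mailbox's decision, with its own double-spend set."""
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1" or not fields[1].isdecimal():
        return "malformed"
    claimed, resource = int(fields[1]), fields[3]
    if claimed < min_bits or zero_bits(stamp) < claimed:
        return "too-weak"
    if not any(fnmatchcase(resource, pattern) for pattern in accept):
        return "resource-not-accepted"
    if stamp in spent:
        return "double-spend"
    spent.add(stamp)
    return "ok"

def demo() -> dict:
    mailboxes = ["alice@example.org", "bob@example.org"]  # constructed
    one_stamp = mint("bulk", 12)  # minted once, not bound to any recipient
    return {
        # every mailbox keeps its own spent set, so the same stamp passes each
        "wildcard": [check(one_stamp, ["*"], 12, set()) for _ in mailboxes],
        # each mailbox accepts only stamps minted for its own address
        "per_recipient": [check(one_stamp, [m], 12, set()) for m in mailboxes],
        "own_stamp": [check(mint(m, 12), [m], 12, set()) for m in mailboxes],
    }

if __name__ == "__main__":
    print(demo())
```

With the wildcard pattern the double-spend set only stops reuse within a single mailbox, so the sender's cost stays at one stamp per message; an address-specific pattern forces one stamp per recipient.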