On Thu, 12 Oct 2006, Kurt Fitzner wrote:

> John D. Hardin wrote:
> > That said, many times I have been annoyed by a filter on somebody's
> > abuse@ address bouncing an abuse notice that I sent *with evidence*. I
> > do not recommend a rejecting spam filter on the abuse@ address, it
> > will keep people from reporting abuse of your systems to you. abuse@
> > can be scored, but don't reject messages sent there.
> 
> Sorry, don't care if you're annoyed.  It really only bothers me
> peripherally if a domain makes it hard to report spam.

That's not my point.

Generally if I get a phishing message and I can determine the domain
that's hosting the website or the domain that originated the message I
try to report to them via their abuse@ address that they are hosting
or originating phishing attacks. I attach the phish message itself as
evidence.

If that message gets bounced by their spam filter, they have just
ignored a report that might lead to them cleaning up a system
intrusion.

> For the purposes of SpamAssassin, it only matters if spam is
> filtered and ham is let through.  As I keep harping on, I don't
> think it's SpamAssassin's job to crusade for abuse@/postmaster@
> compliance.
>
> The rules in question almost by definition don't address spam,
> they address whether people are peeved at how hard it is to
> contact a domain's postmaster.  Which is why I dispute the score
> attached to them.

Those rules *do* address spam. As was explained, across the entire
corpus the RFCI results are a reliable enough spam indicator to
justify the score. If the scores weren't based on masscheck results
then you might be able to argue that they were assigned on an
emotional basis to forward a given agenda.

> The corpus for ham is almost four years old.  Does it address the
> current email volumes that are sent today?  I downloaded and
> checked the latest hard_ham, and it has zero emails sent from
> yahoo.com.

THAT is a valid basis for objection.

> If you want to have and justify rules that target RFC compliance,
> then there needs to be justification that outgoing spam volumes
> and RFC 2821 compliance are linked.  I make the claim that a major
> source of ham email is getting dangerously high spam scores and
> that there is little to nothing in the corpus that is aimed at
> preventing this particular rule from malfunctioning.

...except your posts so far have been far more ranting about RFCI
itself rather than suggesting the corpus is stale.

The corpus may indeed be stale. If that's the case then the problem
extends far beyond the RFCI rules as the base scores for *all* rules
are based on the corpus.

However,

  http://wiki.apache.org/spamassassin/RescoringProcess
 
says that score assignment is based on volunteers masschecking
against their own corpora, which likely are fairly current.

Can anybody provide information on how current the contributor corpora
are?

> Let's bypass the issue of whether or not we're personally annoyed
> when we can't get email to postmaster@/abuse@ and see if there is
> a way to either verify or refute the claims in question.

My "annoyed" comment was an aside prompted by your comment that you
filter your abuse@ alias, and was intended to offer a reason why you
shouldn't. It wasn't intended to be a justification for RFCI or the
scores currently assigned to RFCI rules, and I'm sorry you focused on
it.

PAX. Please.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 [EMAIL PROTECTED]    FALaholic #11174    pgpk -a [EMAIL PROTECTED]
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Gun Control: The theory that a woman found dead in an alley, raped
  and strangled with her panty hose, is somehow morally superior to a
  woman explaining to police how her attacker got that fatal bullet
  wound. 
-----------------------------------------------------------------------
