On Fri, May 23, 2008 at 3:00 PM, Jared Johnson <[EMAIL PROTECTED]> wrote:
> Hi, > > The product I've been working with allows th user to set Rejection and > Deletion thresholds, at which a message identified as spam will be rejected > with "550 - Message is Spam" etc., or accepted with "250 OK" but dropped on > the floor, respectively. Historically it has been believed that if we have > a high enough confidence that a message is spam, it is adventageous to > pretend we have accepted the message in order to avoid allowing spammers to > know whether their methods are working. I have not verified anywhere that > this practice really does have a negative impact on spammers. This would > especially be invalidated if most of the rest of the spam filtering world > does not make use of 'delete' and simply issues rejections -- in that case, > if the spammers don't get the information from me, they'll get it from the > next guy. > > I do know that having a delete threshold occasionally causes false > positives to go undetected by end users. That is a bit of a disadvantage. > The suggestion has also been raised that claiming to accept spam rather > than rejecting it might invite spammers to send more spam your way. > > Does anyone have any knowledge or opinions on these matters? Does > pretending to accept a message contribute to the "fight against" spam in > some way? Or does it invite more spam? Is it worth it? > I prefer to follow the spirit if not the letter of the RFCs. If I am not going to "take responsibility" for a message, I reject it. I do accept some things and quarantine them rather than put them into a user's mailbox, but I never just throw anything away after saying I will deliver it. There are plenty of sites that do silently throw away mail, and plenty that will reject. unless you are a *really* big site I really don't think spammers are going to care what you do, if they notice at all. I'd worry more about the legitimate users and what happens to their mail in a false positive situation. -Aaron > > Jared Johnson > Software Developer and Support Engineer > Network Management Group, Inc. > 620-664-6000 x118 > > -- > Inbound and outbound email scanned for spam and viruses by the > > DoubleCheck Email Manager: http://www.doublecheckemail.com >
