>> On 21.07.09 19:18, Luis Daniel Lucio Quiroz wrote: >>> Ok, here is my doubt. I know who are Pyzor and DCC, and I really >>> convinced that a statistic test is a must to detect spam. But my >>> doubt is next: >>> - It is good to have both tests or just one?
> Matus UHLAR - fantomas wrote: >> listing in DCC means that the spam was received many times by many users on >> the net. Listing in RAZOR/PYZOR means that many users have reported it as >> spam, so I would ask how is it possible that such mail got listed. >> Yes, see my comment above for PYZOR... On 22.07.09 07:23, Michael Scheidell wrote: > Minor correction, DCC measures BULK email, not necessarily spam, which > is one good reason to use razor also. > (and a good reason to use DCC!) which was exactly what I wanted to say, i just should have choosen better wording :) > The way DCC works is automatic (unless sender is whitelisted), the > checksums or headers and paragraphs are checked against a database of a > 40 Million checksum database. the act if CHECKING the checksum adds it > (and if you are using the commercial version, last untrusted ip) to the > database. to be more precise, DCC servers should keep checksums of e-mail received in the past, configurable per server. > Since no human involved. The danger of 'false positives' are if you use > DCC to block 'spam' when you are blocking 'bulk' email, and you really > should whitelist any mailing lists yo belong to. Just to make things > faster and less prone to FP's. and there are other types of bulk e-mail, even those prople tend to send to others (funny messages etc). That's why DCC should not (imho) be used at SMTP time alone. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside...
