On Fri, 4 Dec 2009, rich...@buzzhost.co.uk wrote:
Okay, let's be methodical. Let us indeed start with those.
Did anyone else get them?
No answer.
If, so, how did they score?
No answer.
If not, then why did only Richard get them?
No answer.
Point 1 - The Subject that was changed on the other post. JD Falk made
the original change to abuse me. Go back to the archive and take a look.
I just inverted it.
I don't care. You can each call the other all the names you want.
But if there is a legitimate issue, it will be answered by addressing the
questions I posed.
Point 2 -
I've stated my opinions on organisations that are involved in bulk
mailing, but that's all it is. An opinion. They are like axxholes,
everyone has one.
I don't care. Spamassassin does not have an 'opinion'. It has a
methodology. If that methodology requires review/correction, your opinion
provides no quantitative feedback.
Point 3 - My Habeas issue is not about quantity.
If you read my post you would have grasped the simple idea that if ANY
spam comes to your attention, it is very likely the tip of an unseen
iceberg of missed spam. So we treat it seriously and investigate. I didn't
ask how *much* anyone got. I asked whether there was something peculiar to
your situation that prevented other people from seeing this problem.
see *nay
..... I can only cite the current ongoing issue with DateTheUk.
A company that fished a watermarked address from a Facebook 'Farmville'
group and then spammed it.
Good enough to work with. You've posted your data, now my next question
is whether anyone else sees the same mail. Just because I don't see it
over here in Canada doesn't mean you are the only one. But it may very
well highlight a 'regional bias' in the main spamassassin test corpora.
80.75.69.195 WHITELISTED: sa-accredit.habeas.com
80.75.69.201 WHITELISTED: sa-accredit.habeas.com
Which now leads back to questions about whether we're seeing *hacked*
servers that just *happen* to be habeas accredited?
The customer also hits on: list.dnswl.org, so they are clearly aware of
the need to grease the wheels. Spamassassin was passing the stuff at -9.
(nod) I've seen similar scores on (obvious) spam from 'mailengine'.
It's not about the listing of a Rogue Customer, it's why they are not
delisted for doing it - this would give some kind of confidence back.
It may not be the 'customer' at all. Never attribute to malice that which
can be ascribed to ignorance.
My personal view is no blind eye should be turned to any spammer,
especially one coming from a so called reputable source.
So let's get back to defining the source. We've got a habeas
representative on here? Let's trace this 'datetheul' stuff and see if it
really is their legitimate business.
By the by, I think I posted on this list a while ago on a similar
question, as to whether we could really trust *any* whitelists, as they
simply made for a *deliberate* target of botnet owners. No one made a fuss
about it before, but what about now? Maybe, once again, the flaw is in
having a whitelisting system that relies upon third party servers with
unknown security.
Point 4 -
All that is largely irrelevant to this list, but my point of interest is
why a commercial white list appears in Spamassassin with the default
scores set the way they are? It's perfectly reasonable to ask.
Well, the obvious 'startnig answer' (just to cut the pedants short) is
that a whitelist *should* generally betoken increased trust in a source,
and that it is 'permitted' to look a 'little' spammy because their
business is advertisting, but not 'spam'. So with that category of mail in
the 'ham' corpora, spamassassin score generation allows a generous
negative score. The flaw, here, may be regional bias. Perhaps Spamassassin
should get a bit more sophsiticated and attempt to generate corpora for
different regions?
It could be expanded to ask if there are any plans to include whitelists
from other vendors in the default, such as Apache donator Barracuda?
Perhaps emailreg.org with a -4 score in the next SA release?
That is the most meaningful question. What is the policy for inclusion,
and how reliable is it? The key to understanding is to verify whether the
'spam' you see is *actually* from the 'customer' who obtained the habeas
accredit and then probe how we would deal with a 'yes' or a 'no'.
Much that the personality battles and offlist threats and abuse amuse
me, my question is perfectly reasonable, has it's foundation in fact and
is on topic.
Which is pretty much what I said. I just clarified the question because
pedants were answering "because the developers like it".....
But it might help to skip the personality/ad hominem crap. Prove that the
mail you receive is the rightful mail of the legitimate IP address owner,
and then ask the habeas people how they 'earned' that accredit....
- C
