On Tue, 15 Aug 2017 12:46:59 -0500 Shivram Krishnan <rorryk...@gmail.com> wrote:
> Rule-based systems like spamassassin make room for false positives > from any one of the rules. For instance , a blacklist can have a > false positive, but there may be other rules which may not agree with > the blacklist. An ensemble of such rules allows make spamassassin to > be more accurate. I didn't know any of that! Thanks! Wow! Consider my mind blown. > In case of non-rule based systems like firewall, an inaccurate > blacklist can prove costly when the firewall drops legitimate traffic > based on inaccurate blacklists. I was reading about graylists on > cisco firewalls... That's not a standard use of the term "graylist" > where the network operators could use the graylists to generate > alerts to the operator to act upon. A network operator can treat a > third-party blacklist as a graylist and generate alerts. Is this > common? Not if sysadmins want a life. If I did something like that on our systems, I'd be getting multiple alerts per second. Regards, Dianne.
