Chris Lewis wrote:
Eeek! I don't want to read 50,000 spams per day!
not to mention that it is a horrible human factors problem. You want to keep
users out of the spam trap because the whole point of antispam filter is to keep
you from seeing spam.
False positives have a very simple solution. Treat it as the first step
in a "do something else to get this thru". Just like confirming a
mailing list subscription with per-transaction keywords. Or, "click
here" to get it through.
classic challenge response systems have a serious problem if the center of the
message is a robot. For example, you purchase something on the net, you get an
invoice from a robot confirming the order and the robot is given a challenge
message. You never see the invoice and never will unless you go to your spam
trap and root around in all the garbage.
As have pointed out elsewhere on the list, I believe a more reasonable solution
will be a combination of postage stamp plus white list plus spam filter as
discriminator. If mail doesn't have a postage stamp, it is passed to the
discriminator which evaluates the message as spam/unknown/good mail. Only
unknown messages are given a postage due or challenge response. You minimize
false positives and minimize challenge messages outbound to reduce potential
annoyance of challenge/postage due messages.
I'm almost done with some reference code on the receive filter. I'm hoping to
finish the discriminator integration this weekend.
If your filters are good, the FP rate is low. Our false positive
handling address averages less than 5 per day.
unfortunately, that's a moving target. Spam is an economic problem with
biological characteristics. Filters create evolutionary pressures and I'm
noticing spam is evolving to be more and more indistinguishable from real mail.
The end result is an increasing false positive rate because the difference
between good and bad mail will get smaller and smaller.
I believe that most of the techniques people have outlined on this list will
send us down the same rathole as the virus/antivirus community. Evolutionary
pressures creating change which requires yet another revision of the software or
techniques. It's a great revenue stream for the anti-<blah> manufacturers but
it's hell for everyone else.
This is why I believe that we need to hit the spammers in the pocketbook through
technical solutions. From what I see, tools like connection grabbers, postage
stamps, and legitimizing narrow forms of e-mail marketing will have a far
greater impact than anything proposed so far.
it's a fundamental axiom of animal training that rewarding good behavior
extremely quickly produces much more rapid change than punishing. See: "don't
shoot the dog" by Karen Pryor. If we can give a legitimate outlet for e-mail
advertising, a lot of the incentive to spam will be reduced. Those that remain
can be punished through negative reinforcement techniques like connection
grabbing and postage stamps.
---eric
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg