From: Matt Sergeant <msergeant(_at_)startechgroup(_dot_)co(_dot_)uk>
However, this does not sound useful enough for me to
put it into the DCC this year. Spam and viruses differ. It's far
more difficult and/or dangerous to give a Windows box a test infection
of a virus than to send test spam to a mail system. To test a spam
filter that can be tested with a standardized test, you can instead
grab something from NANAS or whatever spam you hate and send it from
somewhere, such as a free provider or one of your own systems.
That would be fine if your content filter is 100% effective, but last
time I looked the DCC wasn't. So you have no guarantee that a
particular spam is going to trigger it. You're effectively asking your
users to do the legwork, and that doesn't scale.
That the DCC is not 100% effective is a reason users (i.e. system operators)
should do their own leg work.
I don't see how "scaling" in any normal sense might be relevant.
But the real problem is that standardized test messages don't make
sense for some spam filters. Spam is unlike viruses. Viruses are
evil data but spam is behavior regardless of data. I could twist
DCC client software to recognize some test messages, but that would
tell users nothing abut whether their DCC client is talking to a
DCC server that is getting current bulk checksums. A better example
is what you would have a DNS blacklist client do about a standardized
test message. A test message is just entirely wrong for DNS
blacklists.. The right test for something like the SBL is a
permanently listed auto-responder, not a test message.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg