I think you've laid out a good foundation. We would be happy to provide
reasonable computing/account/domain/etc resources to assist.
Peter
-----Original Message-----
From: Alan DeKok [mailto:aland(_at_)freeradius(_dot_)org]
Sent: Thursday, July 31, 2003 4:28 PM
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] 2.a.1 Analysis of Actual Spam Data -
Titan Key reduces spam attacks
Paul Judge <paul(_dot_)judge(_at_)ciphertrust(_dot_)com> wrote:
He has put forth some very preliminary data. He is requesting input
towards a better analysis. Those that have constructive feedback
please provide it.
"More data, please!"
Ok, what else would be interesting to see?
There was some discussion on this topic a few months ago,
but it got lost in the volume of list traffic.
A broader set of test cases ( more addresses, different
domains, ...)
A control set of email addresses with different systems (no spam
detection, detection with a different response such as: DSN,
challenge, etc) What else?
I believe that there are three orthogonal characterizations:
a) time
b) recipient domain or name
c) anti-spam system
For each combination of (time, recipient, anti-spam), there
are two numbers which should be collected:
a) total number of messages received
b) of that, the number of messages determined to be spam
To avoid political issues, I would suggest that
sender-oriented measurements should be explicitely not asked
for, or collected. I would also suggest that the anti-spam
systems be explicitely not named, other than as a broad
characterization such as "challenge-response", etc.
An independent third party should collect these
measurements. I believe there was a volunteer a few months
back, who was waiting for consensus from the group, before he
would start the actual collection of data.
The data analysis should be fairly straightforward. After
a cursory evaluation of the data to avoid political issues,
the raw data should be made available to all. Multiple
independent analyses can then be done.
Other measurements which should be done are measurements of
SMTP weirdness which doesn't involve message delivery. e.g.
"connect, EHLO, disconnect". These behaviours are closely
related to spam, but in many cases do NOT involve anti-spam
systems, as no messages are delivered. I believe that the
anti-spam systems can then be further sub-divided into two
categories: message-based systems, and network/SMTP systems.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg