That is because they require no infrastructure. Additionally, you need
to define 'success'. Configuring your MTA to only accept connections
from hosts which are an MX for the domain they HELO as, will also block
lots of spam - it may however have a higher false positive rate.
But doing this in conjunction with a statistical filter will weaken the
statistics, because it won't have as much spam to learn. On the other
hand, if you were to do this, and pass the message "as spam" to the
filter, this would be acceptable.
I disagree. I would say that these filters are based on the issue that
there is no current alternative to anonymous mail, so they address the
only aspect that they can - content.
That's not how most of us feel who are developing these tools; I've
discussed this at length with many of the developers on these projects,
and whether or not the message can be authenticated is irrelevant to the
operation of the filter. Some spammers are now digitally signing their
messages to appear authentic (some signatures are obviously bogus)...but
should we have an authenticated system of SMTP, that will not affect the
filter's basis premise that it is the _content_ of the message that
makes it guilty, not the sender. In other words, even if everyone was
using an authenticated version of SMTP, it would not suggest that the
filter should "trust" the sender/message.
I don't think it's reasonable to read anything into the philosophy of
filter authors about their expectations for the future - they're just
trying to solve a problem with the available inputs.
Philosophy is one of the significant factors that we discuss, actually.
Philosophy and mathematics.
Filters certainly don't affect anonymity, but until a program passes the
Turing Test, I won't be convinced that filters can't be fooled.
No filter is foolproof, but these filters are by far the most accurate
filters available today. The sender really is irrelevant...it could be
a friend of yours who forwards a message to you they thought was
important, but was really spam...it could be a mailing list you are
subscribed to with one malicious subscriber, etc.
Even then, textual analysis requires far more cpu overhead than an
access list check. If the spammers have any hope that their message will
get through to you, they have incentive to send more and more spam. If
the spammers have NO hope that their message will get through to you,
they do not have incentive any more.
Which is why spammers are using stolen dialup accounts and such to
circumvent access lists...just as they will an authenticated method of
SMTP to send them...but one thing remains the same: the content.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg