ietf-asrg
[Top] [All Lists]

Re: [Asrg] Usefulness of wholesale blocking of attachments for SMTP?

2004-04-19 15:14:31
"Chris Lewis" <clewis(_at_)nortelnetworks(_dot_)com> wrote:
  Let's be aware, though, that many content filtering schemes and
black-lists have been caught adding entries to the list which do NOT
meet the publicly stated criteria.

That's a bit of a non-sequitor.  DCC and it's detection system is 100% 
automated.  It doesn't work by "adding entries" to a list. 

  At one point last year, Hadmut tried emailing Vernon off-list to
continue an on-list conversation.  The message was rejected, and
appeared to have been submitted to the DCC.  Vernon then admitted on
this list that he was blocking Hadmut's off-list messages, and
submitting that information to the DCC.

  That's censorship, not anti-spam filtering.

  On the subject of blacklists, I don't think I have to re-iterate the
political wars between blacklist maintainers, who cross-list each
other.

DCC source is freely available, so the algorithms and procedures are 
well known (to those who bother to look).

  Yes, but only the checksums are distributed, not the reasons why a
message resulted in a checksum being distributed.  It's run on trust:
You have to trust that other members of the system don't abuse it.
This trust problem is the same for any distributed system.

Doesn't stop the DCC owner from fudging the query system, but that's 
possible with _any_ anti-spam solution that relies on anyone else for 
decisions.  Subversion is a risk with _all_ anti-spam solutions except 
those you write yourself.  And perhaps not even those ;-)

  I agree.  Systems like spamassassin are slightly better from the
trust perspective. but may catch less spam than the DCC.  Spamassassin
distributes the rules to each user, who then can configure it to tell
him which rules were matched.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg