Alan DeKok wrote:
"Chris Lewis" <clewis(_at_)nortelnetworks(_dot_)com> wrote:
Let's be aware, though, that many content filtering schemes and
black-lists have been caught adding entries to the list which do NOT
meet the publicly stated criteria.
That's a bit of a non-sequitor. DCC and it's detection system is 100%
automated. It doesn't work by "adding entries" to a list.
At one point last year, Hadmut tried emailing Vernon off-list to
continue an on-list conversation. The message was rejected, and
appeared to have been submitted to the DCC. Vernon then admitted on
this list that he was blocking Hadmut's off-list messages, and
submitting that information to the DCC.
That's censorship, not anti-spam filtering.
No. DCC doesn't work like you think it does. Vernon is using more than
just the DCC for blocking - he's got lots of lists (domains etc) which
are run for his personal email independently of DCC.
"Submitting something to the DCC" is like submitting something to Bayes
training. It's only bulk (and blocked) if the signatures match others
(in DCC) or if the training is "strong enough to matter" (in Bayes).
One-to-one email isn't going to trip DCC, and unlikely to trip Bayes.
On the subject of blacklists, I don't think I have to re-iterate the
political wars between blacklist maintainers, who cross-list each
other.
The only deliberate one I know of was when one blacklist was acting
abusively (unrestricted relay scanning) generating lots of complaints,
the other listed it for acting abusively, and the first well, retaliated
- it was acting abusively in the first place, right?
The first blacklist was subsequently proven in a court of law to be
acting abusively. And isn't running any more. He just whines a lot
after having fled the country.
I don't really think one corner case can be generalized into a blanket
statement. But more importantly, it's not interesting from the ASRG
perspective.
I agree. Systems like spamassassin are slightly better from the
trust perspective. but may catch less spam than the DCC. Spamassassin
distributes the rules to each user, who then can configure it to tell
him which rules were matched.
My point is that your point that such systems are
"originator-subvertible" is an uninteresting one from a broader
perspective such as what ASRG is tasked with. _Everything_ is
subvertible at that level. _Any_ spam solution that you implement has
to be evaluated from a perspective of how much you trust the "supplier".
Even if you're the supplier (in a corporate sense) where the spam
meister may have a different viewpoint of what spam _is_, relative to
say, the CEO. I don't think maundering ( ;-) on about that sort of
thing is useful for ASRG. ASRG should be more concerned with making
sure that once the user of the filter has decided to _use_ a given
technology that he actually gets what the supplier provides, and is
given enough information to make reasonable choices.
As long as the DNSBL user is adequately informed, it ain't any of our
business how capriciously the DNSBL is operated. Truth in advertising
is the key. Not bans against capriciousness.
Say, Yakov, you still waiting on Matt for DNSBL BCP publication?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg