
Re: [Asrg] About that Church draft

2006-04-05 00:26:19

Laird Breyer wrote:

> I've just read through the threads again and done a summary of all the
> main relevant points everyone discussed on the list (see attachment).

I think you did a rather excellent job, and summarized it all pretty well.

I'll discuss this with Thomas, and see if he wants to volunteer to do a
final draft, but, frankly, I think it's pretty good as-is.  I
particularly like how the various threads are summarized.

Almost ;-)  I'll add a couple of points:

> Flaw: Church's experiment is applicable at best to one type of email user.
> Chris Lewis's experience strongly contradicts the Church conclusion, and is
> based on very different business user email patterns.

Agreed, Church's environment and mine are _highly_ different.  However,
given our relatively permissive policy in terms of personal use of
email, we're probably not "extremely business pattern" either.  Much
"stranger to stranger" communications as well as communications with
non-corporate/non-business-related environments.

[You'd be amazed at how much business goes on with random
freemail/consumer ISP accounts for example.]

[This is more of an amplification of what you summarized - I added a
real world example of high variability]

Flaw: Church didn't describe his environment in terms of user
characteristics, nor population, and is likely to be a very small group.
Experience demonstrates that the "spam experience" varies wildly even
within a single domain.  In the Nortel environment (65,000 users),
roughly 50% get virtually no spam at all (<1/day), whereas others get
more than 500/day.  Similarly, the types of spam, and which techniques
work best, vary wildly between users.

Hence: to get a broader, more accurate general picture, you need a very
large user population and a high volume of email.

> Regarding 2) and 3), it's important for users of DNSBLs to apply diligence
> and caution. A single DNSBL verdict should never be used on its own, as
> is implied in 5).

I disagree. I don't think you'll get general agreement on the last
sentence.  I'm going to back this up and make a more generalized comment
that I think should be reasonably acceptable to all:

We have no business dictating what an individual site's email
acceptance policy should be.  What we assert is that site administrators
need to assess what's available (whether it be DNSBLs or any other
filtering technique) against their needs, and choose/implement
appropriately - due diligence.

If a site determines that it has no reason to communicate with, for
example, a given country, or sites based on specific listing criteria,
there is no reason why the site couldn't use a "single verdict" choice
based on an appropriate DNSBL or other filtering method.  On the other
hand, some DNSBLs are of a nature or the needs are such where scoring
methods will be more appropriate.

All filtering techniques have such trade-offs. Just about all techniques
used as a "single verdict" can be just as prone, if not more so than many
DNSBLs, to mis-trigger[+].  We should not be singling out DNSBLs,
because other commonly used filters often have similar (or worse)
failure rates.

Site administrators must accept that it is _their_ responsibility to
_know_ what they're getting no matter what it is, know what their needs
are, apply the former appropriately to satisfy the latter, and continue
to monitor the system in terms of performance.  Success or failure of a
filtering system is always ultimately the administrator's responsibility.

[+] To raise an obvious one: "bad word" filters.  It's surprising how
many 4 and 5 letter "crude Anglo-Saxonisms" have found their way into
place names and common terminology.  We occasionally use "bad word"
filtering, but only the ones that we believe very unlikely to appear in
non-spam communications.  Unfortunately, on the last one I
miscalculated, and tripped over the name of a provincial park in
Newfoundland (almost caused some people to miss their reservations),
which also happens to be the "proper" term for part of a skydiver's
equipment...  We won't go into earlier experiences, for example, when a
very large ISP blocked the word "breast" - and entirely disrupted
several breast cancer support groups.  But, apparently "bad word"
filters have become a lot more common these days.  These things can be
hideously inaccurate.