On Wed, Aug 14, 2002 at 04:55:13PM +0300, Pekka Savola wrote:
So people know what address to use when they want to spam the whole IETF
(just forge From: to be scoya(_at_)ietf(_dot_)org or whatever, a couple of
tries and
you're in.)?
Not that it seems such a big secret now either..
Err, no. That's not how SpamAssassin works. It works based on
looking at characteristics of mail messages, to see if they "look"
like Spam. It's what many of us do automatically. For example if
there is a HTML only body, and no text, I'm very likely to hit the 'D'
key and go on, unless there's some very good reason why I think it
might not be spam. Similarly, if the character set is Korean or
Chinese or Japanese, I will also assume that it is spam, and likely
hit the 'd' key very quickly.
SpamAssassin merely automates this. What I was suggesting was that
there are ways in which mail sent to the IETF Announce mailing list
"looks" like spam. By making it look less like spam, it makes it
easier for spam filtering tools to work.
This is not a big deal; I can put in an explicit rule which whitelists
the IETF announce list. But it's better if I don't have to do that,
since then the whitelist gives the spammers something they can
imitate, per your criticism above. (Not that IETF'ers represent a big
enough market that spammers would be likely to try to hit us, in any
case.)
- Ted