On Thu, 26 Aug 2004, AccuSpam wrote:
But I do not agree that ~ is 0.5 or that ? is 0.1. They are forever
ambiguous in terms of probability, because they are already used under the
previous ambiguous definitions. Actually I think ? means "do not know" or
"neutral" and since you can not doing anything then it is essentially the
same as PASS, depending on the receivers interpretation of "neutral".
It is essentially the same as NONE. ~ means most probably forged,
it is a softfail, not a softpass. So the probability of forgery
would be something like 0.9. The intent is that the only way it would
not be a forgery is if the administrator made a boo boo (which could
happen since they have just implemented SPF).
I am personally happy with the current coarse grained results. Why?
Because after rejecting the obvious forgeries (FAIL), they result
in nice tokens in the Received-SPF header. The bayesian filter then
quickly determines empirically the spam probabilities for NONE,
PASS,NEUTRAL,SOFTFAIL,ERROR,UNKNOWN.
Here are the current stats:
SPF result probability of spam
---------- -------------------
NEUTRAL 0.898679
NEUTRAL(guess) 0.926437
PASS 0.101463
PASS(guess) 0.257572
SOFTFAIL 0.910824
NONE(guessed) 0.658428
UNKNOWN 0.580007
ERROR too rare to measure
I could care less what the sender claims the probabilities are, and would
completely ignore any such extension to SPF. I'll stick with hard data,
not some guess the sender pulled out of their [select 3 letter epithet,
e.g. "HAT"].
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.