From: Chris Drake
Sent: Saturday, November 20, 2004 5:43 AM
Hi Meng,
The quote I got was just over $1000 for "10 users", but I don't know
how they specify "users" just yet (like, how they count "agents" and
forwarding services etc). I know for sure my ISP didn't pay that much
and they're protecting us all. As for false-negatives, I've seen
hardly any.
I've used it for several years. Believe me, there are plenty.
Unlike SPF, they appear to block all forgeries while not
blocking "forgeries" that are real (eg: pobox customers who were not
told to stop using their own SMTP servers when pobox began publishing
SPF records). 1 in a billion is very small. very very small.
It's a content filter. Every technology has its pro's and con's. Content
filters can be gamed just like anything else. I wouldn't put a lot of stock
in that 1x10^-9 false positive rate. That's not really believable for any
content filter, no matter how many false negatives they allow through.
I suggest this number is more likely a combination of under-reporting and
creative marketing. If you operate in the mode where they accept the
message, tag it and deliver it, the false positives either get dropped by an
MUA rule or heaped into a giant spam folder for each recipient. They are
not that likely to be discovered in a pile that large, and even if they are,
only a fraction of those will be reported. Most users simply won't bother.
SPF and SRS are never even going to reach any ballpark within 2
orders of magnitude that small - at least - wiyhout curbing any
significant amounts of spam even! And that's not forgetting that
nobody cares about forgery anyway: they want spam eradication.
Au contraire, mon ami. I care a great deal about forgeries and so do a lot
of other people. Content filters do not address forgery, and they do make
mistakes.
It truly sucks when
someone comes out with something better than you've got, before you've
even finished it, but I have to say: this appears to be it.
This service has been available for years and it is a well-known commodity
in the email industry. It is nothing new, even though you have just
discovered it. Since most providers _don't_ use their services, that should
be a hint that some of the claims are a bit exaggerated or that the real
value delivered is less than the price.
$100 (plus asyetunspecified fee on anniversary, rumored to be 30% by
the salesman I contacted) to prevent a user getting crap without them
loosing anything? That's a solution that works, and now, and without
risk. And yes - I'm buying one. It'll pay itself off in under a
week.
Have fun and good luck. It sounds like someone has you convinced this is
the FUSSP. I thought that you would be more wary of any claim like that.
Lots of other people with clue have tried and abandoned this system. It's
not terrible, but it's also not what you appear to think.
--
Seth Goodman