Drop MICROSOFT_EXECUTABLE ...?

[Theo Van Dinter <fe...@kluge.net>]

I was thinking about this this evening -- I think we should just drop this
rule, and the appropriate standard code that looks for it.  It's not an
indicator of spam, and if people want anti-worm rules, people can write
plugins that look for this kind of stuff.

Any objections?

-- 
Randomly Generated Tagline:
"What you end up with, after running an operating system concept through
 these many marketing coffee filters, is something not unlike plain hot
 water."
 (By Matt Welsh)

Re[2]: Drop MICROSOFT_EXECUTABLE ...?

[Robert Menschel <Ro...@Menschel.net>]

Hello Nix,

Thursday, February 5, 2004, 4:23:19 PM, you wrote:

N> On Thu, 5 Feb 2004, Robert Menschel muttered drunkenly:
>> Therefore I'd much rather keep this rule than lose it.

N> Plus, it's useful for keeping corpuses clean. :)

That's a good point.  It's fairly easy to scan my weekly spam folder
before adding it to my corpus, identify anything with
MICROSOFT_EXECUTABLE in the header, and delete it before incorporating
the remainder into my corpus.

Bob Menschel

Re: Drop MICROSOFT_EXECUTABLE ...?

[Nix <ni...@esperi.org.uk>]

On Thu, 5 Feb 2004, Robert Menschel muttered drunkenly:
> Therefore I'd much rather keep this rule than lose it.

Plus, it's useful for keeping corpuses clean. :)

-- 
`note to the crown prosecution service: Machine guns dont have a
 'stun' setting.' --- mjw

Re: Drop MICROSOFT_EXECUTABLE ...?

[Robert Menschel <Ro...@Menschel.net>]

Hello Theo,

Wednesday, February 4, 2004, 3:13:19 PM, you wrote:

TVD> I was thinking about this this evening -- I think we should just drop this
TVD> rule, and the appropriate standard code that looks for it.  It's not an
TVD> indicator of spam, and if people want anti-worm rules, people can write
TVD> plugins that look for this kind of stuff.

TVD> Any objections?

I can understand the philosophy behind this, but as an end user, one who
would normally not be able to write my own rules (I'm limited to
user_prefs on the mail servers), I suspect I also would not be able to
write my own plugins (do correct me if I'm wrong about that).

Yes, viruses, worms, and trojans are not spam, but they are mass mailings
we don't want. My mail servers don't do automatic anti-virus scanning,
and I don't have the authority/privilege to implement any there. I have
no method of blocking any of this unwanted mail at the server except
through SA, and MICROSOFT_EXECUTABLE is the major tool I use for this
(score at 15 of 9).

Therefore I'd much rather keep this rule than lose it.

Bob Menschel