Re: Re[2]: AWL on SA3.0rc1

[Justin Mason <jm...@jmason.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Robert Menschel writes:
> Hello Daniel,
> 
> Saturday, August 21, 2004, 12:19:07 PM, you wrote:
> 
> >> (IMO, [AWL] should be off by default to maintain consistency with past
> >> versions, but it's not)
> 
> DQ> Yeah, that would be more consistent, but my inclination is that we
> DQ> should put our best foot forward by default and the AWL *does* improve
> DQ> accuracy.  Of course, the AWL algorithm could be better (adding a decay
> DQ> is on my list of things to try).
> 
> Daniel,
> 
> My primary hesitation with AWL has to do with spoofing -- we get too many
> spams "from" one of our domain addresses "to" another. I'm concerned that
> these will lead AWL to be incorrect wrt our domains. (Since our email
> runs on shared web servers, ALL email except webmail comes from external
> sources, even those I send to others within our domain.)

Bob --

don't forget that the AWL isn't that naive -- it includes the IP
addresses that originated the mail as part of the "sender address"
field, so spoofing isn't as simple as using the same email addr
in the From field...

> Would it be appropriate for me to but in a bugzilla request for something
> like the following parameters that would enable us to turn off AWL
> processing for specific addresses or domains? If we had that capability,
> then I'd have no problem using AWL here.
> > awl_exclude_address address-to-exclude
> > awl_exclude_domain  domain-to-exclude
> and then, since there are bogus addresses that have been harvested and
> which are guaranteed to be spam,
> > awk_include_address address-to-include
> would be beneficial to always flag those as spam.

You might as well blacklist_to those, that's what I do ;)

- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFBKPY5QTcbUG5Y7woRAn+eAKDsW742C6TNKvqwcN50Hl9ZdvZ0pQCguH5A
aJVY9xbjZ7ii8Ib+lVk9Q3k=
=wpGa
-----END PGP SIGNATURE-----