Full Disclosure mailing list archives
Re: Spam with PGP
From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Tue, 07 Oct 2003 14:45:43 -0400
Actually the way SA does it weakens filtering. SA's bayesian filtering is only a very small piece of SA, and unfortunately not much attention has been given to it. The filter's final calculation is only a small percentage of the actual final score. Because true Bayesian filtering performs a huge majority of the same tests that SA performs, SA's own ruleset easily waters down any bayesian findings whenever there are opposing values between the two. For example, a pine MUA...SA thinks a pine MUA suggests an innocent message, but a majority of the emails with a pine MUA my wife receives are spams. In this case, the hard-coded MUA rule will unfortunately water down the score, even if Bayes thinks a pine MUA is spam. Obviously the pine MUA is just a small rule, but if you apply this to the other rules, you get the same results. What's worse is that last time I looked (this may have changed), SA's bayesian filter did not appear to have a mechanism for learning, but was just a static dictionary. If users got spam there was no way for the user to forward their spams into the system for processing. Again, this may have changed and if it has, that's great. The product of Bayesian filtering includes all the heuristic tests as well, so having both _hurts_ you, and is not something you benefit from. It is much better to focus on creating a strong probability-based filter IMHO...and I think the statistics agree with me.
Of course, SpamAssassin does bayesian filtering as well. heuristic + bayesian is better than either alone, IMHO.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Spam with PGP, (continued)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- Re: Spam with PGP Shawn McMahon (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- Re: Spam with PGP Michael D Schleif (Oct 08)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 08)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 08)
- Re: Spam with PGP Shawn McMahon (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- RE: Spam with PGP Kurt Weiske (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- Re: Spam with PGP Bob Apthorpe (Oct 07)
- Re: Spam with PGP Shawn McMahon (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- Re: Spam with PGP Devin Nate (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 07)
- Re: Spam with PGP Devin Nate (Oct 07)
- Re: Spam with PGP Jonathan A. Zdziarski (Oct 08)
- Re: Dealing with spam (was: Spam with PGP) Paul Russell (Oct 08)