[Linux-bruxelles] spamassassin article appearing 23 dec

eric Hanuise ehanuise at fantasybel.net
Mer 1 Jan 21:36:01 CET 2003 

Hi.
I came upon your article about Spamassassin after someone posted a link to 
it on a mailing list i'm subscribed to.

I am a system administrator, and while I do not use spamassassin, I 
recently assisted to a presentation of the program and its working mechanisms.
I was quite puzzled by your article, which seems to show that you did not 
really understand what happened nor exactly how spam assassin works.

Spam assassin automatically processes all email passing trough a given 
computer according to a set of rules defined by the site's administrator.
The principle is as follow : most spam can be identified by some 
characteristics. For example messages starting with 'dear friend' or 
subjects starting with 'friend,' or html-based email rather than reguler, 
standard, text-only email.
Some keywords also can be used, and so on.

The method SpamAssassin uses is : each messages goes trough all the 'rules' 
or 'filters' defined by the sysadmin.
Each time a rule triggers positive results, points are awarded to the message.
At the end, all points are totalled, and if a preset (by the admin) figure 
is reached, the message is classified as spam.

so, here are a few important things to understand :

- SpamAssassin does not _generate_ spam. it merely tries to identify it
- SpamAssassin does not 'snoop' emails. It's all machine-processing, no 
human intervention on a per message basis
- The setting of the rules, filters and points ratios takes some time to 
set up, your message may have crossed a server which was not (yet) properly 
configured
- Your email triggered some rules on the server, gaining a score of 7 
whereas the 'spam' trigger value was set to 5. The elements that awarded 
your message 'spampoints' are listed in front of the message : 'dear 
friend' in message , html message with a colored background, and triggering 
ot a 'porn' rule.
- the first two points are objective rules, and generally considered bad form
('dear friend' in a message sent to a group of persons is questionable, but 
html-based mail with a color background is a major no-no. see "Why HTML in 
E-Mail is a Bad Idea"  http://www.betips.net/etc/evilmail.html )

- the third pint is more interesting : some keyword(s) in your message 
triggered a 'porn' rule. Now this sounds like an accidental problem and it 
would be very interesting to contact the sysadmin of that server and 
investigate with him what words triggered the rule and help him refine that 
rule. That would be _way_ more constructive than posting an article 
trashing him, no ?

Also, don't get me wrong but I must say I was a bit shocked by the 
agressive and even contemptuous tone of your article. It somehow gave me 
the impression of something written by someone angered, as opposed to a 
well tought-out article. (If this sentence has you angered, please by all 
means take the time to calm down, and re-read it carefully. Think about it 
for a while, and only then reply. Thanks in advance)

You really should not take that incident as a personnal attack (as in 'that 
sysadmin labelled by email as spam') but rather as a technical error that 
can be corrected.
Spam is a real problem, ant getting worse everyday. Please support people 
that actually try to do something against it.
thank you for your time.


----------------------------------------------------------------------
       Touchy! IT and Network consultancy
    Eric Hanuise - ehanuise at fantasybel.net
----------------------------------------------------------------------
  ()  ascii ribbon campaign - against html mail
  /\         - against microsoft attachments

     Why HTML in E-Mail is a Bad Idea
   http://www.betips.net/etc/evilmail.html

Plus d'informations sur la liste de diffusion Linux-bruxelles