[Linux-bruxelles] spamassassin article appearing 23 dec
eric Hanuise
ehanuise at fantasybel.net
Mer 1 Jan 21:36:01 CET 2003
Hi.
I came upon your article about Spamassassin after someone posted a link to
it on a mailing list i'm subscribed to.
I am a system administrator, and while I do not use spamassassin, I
recently assisted to a presentation of the program and its working mechanisms.
I was quite puzzled by your article, which seems to show that you did not
really understand what happened nor exactly how spam assassin works.
Spam assassin automatically processes all email passing trough a given
computer according to a set of rules defined by the site's administrator.
The principle is as follow : most spam can be identified by some
characteristics. For example messages starting with 'dear friend' or
subjects starting with 'friend,' or html-based email rather than reguler,
standard, text-only email.
Some keywords also can be used, and so on.
The method SpamAssassin uses is : each messages goes trough all the 'rules'
or 'filters' defined by the sysadmin.
Each time a rule triggers positive results, points are awarded to the message.
At the end, all points are totalled, and if a preset (by the admin) figure
is reached, the message is classified as spam.
so, here are a few important things to understand :
- SpamAssassin does not _generate_ spam. it merely tries to identify it
- SpamAssassin does not 'snoop' emails. It's all machine-processing, no
human intervention on a per message basis
- The setting of the rules, filters and points ratios takes some time to
set up, your message may have crossed a server which was not (yet) properly
configured
- Your email triggered some rules on the server, gaining a score of 7
whereas the 'spam' trigger value was set to 5. The elements that awarded
your message 'spampoints' are listed in front of the message : 'dear
friend' in message , html message with a colored background, and triggering
ot a 'porn' rule.
- the first two points are objective rules, and generally considered bad form
('dear friend' in a message sent to a group of persons is questionable, but
html-based mail with a color background is a major no-no. see "Why HTML in
E-Mail is a Bad Idea" http://www.betips.net/etc/evilmail.html )
- the third pint is more interesting : some keyword(s) in your message
triggered a 'porn' rule. Now this sounds like an accidental problem and it
would be very interesting to contact the sysadmin of that server and
investigate with him what words triggered the rule and help him refine that
rule. That would be _way_ more constructive than posting an article
trashing him, no ?
Also, don't get me wrong but I must say I was a bit shocked by the
agressive and even contemptuous tone of your article. It somehow gave me
the impression of something written by someone angered, as opposed to a
well tought-out article. (If this sentence has you angered, please by all
means take the time to calm down, and re-read it carefully. Think about it
for a while, and only then reply. Thanks in advance)
You really should not take that incident as a personnal attack (as in 'that
sysadmin labelled by email as spam') but rather as a technical error that
can be corrected.
Spam is a real problem, ant getting worse everyday. Please support people
that actually try to do something against it.
thank you for your time.
----------------------------------------------------------------------
Touchy! IT and Network consultancy
Eric Hanuise - ehanuise at fantasybel.net
----------------------------------------------------------------------
() ascii ribbon campaign - against html mail
/\ - against microsoft attachments
Why HTML in E-Mail is a Bad Idea
http://www.betips.net/etc/evilmail.html
Plus d'informations sur la liste de diffusion Linux-bruxelles