[milters] Archive

Lists Index Date Thread Search

Article: 930
From: Adam Gibson
Date: 2006-05-11 14:43:12 -0400
Subject: Re: Milter-link & SpamAssassin...

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Anthony Howe wrote:
> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> 
> Adam Gibson wrote:
>> I would implement this the same way on my servers because denying the 
>> connection could cause to many false positives for the redirection and 
> milter-link works on content, not the connection nor envelope. In the 
> month or so I've been using it prior to its release, I've not had one 
> false-positive and I tested it with the aid of someone's spam trap so it 
> was stressed tested and checked against a wide variety of input (the 
> only false-positives during initial development were do to coding 
> errors), but essentially the three URI BLs consulted have never caused 
> me any grief.
> 

My concern is that I would not want to deny an email for users when the 
only reason is that someone fat fingered a key when they typed in an url 
in the content of an email.  From my understanding milter-link would 
catch that email because the destination url does not work.  With using 
spamassassin to just help boost spam weight, it alone would not cause a 
rejection.

> The attached graph shows the spam trap activity in the last 24 hours. It 
> compares DNSBL and URI BL. rejections.
> 
>>> Otherwise if you're using a milter/SpamAssassin combo already, why use 
>>> milter-link, if you're not going to reject or quaratine? SpamAssassin 
>>> can already do the URL checks (though more slowly I think) and tag it 
>>> itself.
>>>
>> Your milter can check things that spamassassin doesn't (of course).
> 
> True. But milter-link doesn't do anything really fancy yet. Version 0.2 
> that I'm working on now identifies a certain class of spam (pump & dump 
> stock spam appearing as a .gif) through its MIME structure.
> 

I think you are not giving your app enough credit :).  Checking if an 
url is valid(web page works) seems like a big feature to me.  I just 
don't want that to be the only determining factor for rejecting it.

Lists Index Date Thread Search