lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20061002100302.GS16047@mea-ext.zmailer.org>
Date:	Mon, 2 Oct 2006 13:03:02 +0300
From:	Matti Aarnio <matti.aarnio@...iler.org>
To:	Lee Revell <rlrevell@...-job.com>
Cc:	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: Spam, bogofilter, etc

On Fri, Sep 29, 2006 at 10:23:12AM -0400, Lee Revell wrote:
> What ever happened with bogofilter on vger?  The spam problem is
> considerably worse in the past few weeks.

It is globbing (and blocking) lots of spam.
And now it is rarely blocking ham - under 10 cases per week.

Yes, the thing is NOT 100% perfect.
Especially very short spams are prone to leak thru it,
and those hams that do get block do tend to be longish, and
never before seen.  (It all comes from Bayes Statistics.)

However what is now apparent is that we are no longer
adding very much new patterns into Majordomo filter.
Indeed we are taking off old patterns that bite at wrong things.

I do think that Markov Chains combined with Bayes Statistics 
might do a wee bit better.  (Except with very short emails.)
However all that these things are able to do is essentially
grow the key database when spammers are producing new mutated
(mis-spelled) texts by mixing in spaces, punctuations, and even
occasional characters.

For recognizing those pill merchants one needs complex software
to read the site at the URL, and to read texts out of the IMAGES
at the site.  Captcha to get thru spam filters...

The idea of closed lists is ever more appealing.
We do need to do something for the bug-report addresses like
linux-smp@...r.kernel.org -- so that addresses specified for
receiving the bug reports will still receive them.

I can do fairly easily "this address is allowed to post" type
filters at Majordomo - it has a way to specify allowed posters.
Usually it is used to permit list members to post, but it can
also be configured to use other datasets.


> Lee

  /Matti Aarnio
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ