[antispam-f] Re: [antispam] Is this too dangerous?
- From: Dave Barnett <dave@xxxxxxxxxxxxxxxxx>
- To: antispam@xxxxxxxxxxxxx
- Date: Mon, 25 Sep 2006 10:14:21 +0100
In a recent message Mark J <Mark@xxxxxxxxxxxxxxxxxx> wrote:
> In message <bdaf876b4e.stuart@xxxxxxxxxxxxxxxxxxxxxx>
> Stuart Painting <stuart@xxxxxxxxxxxxxxxxxx> wrote:
>
>> Mark J <Mark@xxxxxxxxxxxxxxxxxx> wrote:
>>
>> > In message <e0b2616b4e.stuart@xxxxxxxxxxxxxxxxxxxxxx>
>> > Stuart Painting <stuart@xxxxxxxxxxxxxxxxxx> wrote:
>> >
>> >> Sounds like a pretty risky user test to me.
>> >
>> > As I wrote - I test for a /single/ word subject with more than one
>> > capital, and that /single/ word is more than eight characters long.
>>
>> Ah, you left out the "eight characters" bit before. Yes, that's a
>> whole lot better.
>
> Yes; sorry. I also mentioned a "From:" which should have been a "To:",
> but that got past you :-)
>
>>
>> For the record, I looked back through my AntiSpam logs to see how much
>> stuff your user test would have caught. For the past 4 weeks it was
>> one email out of 2247, and for the previous 7 weeks it was one email
>> out of 3945.
>
> - that's a little unfair; I use this rule because, specific to my
> situation, the particular Subject in question is not being caught
> elsewhere. For me, obviously, it removes all of them, and will do what
> the op whishes.
>>
>> YMMV, of course. In my case the efficacy of the rule would be much
>> improved if it ignored any "Re:" or "Fw:" on the front of the subject
>> (that one change would bring the hit rate up to nearly 1%).
>
> - but again, this particular spam doesn't (so far) have such a prefix,
> and I deal with other problems in other ways...
>
>> > As I once said, and was (in my
>> > opinion) unfairely slapped down for suggesting it - senders should
>> > bear some responsibility for their emails not being seen as spam;
>>
>> That's an uphill battle. Spammers (and, more particularly, virus
>> writers) do quite often pick innocuous subject lines for their
>> spewings. It can take some time for a new user to realise that "Hi
>> there" or "Look at this !!!" aren't the best choices of subject line.
>>
>> To quote a real example: on my website I have a "contact me" page that
>> mentions an email address to be used. That page also asks people to
>> use a *meaningful* subject line when emailing me. Nevertheless I get a
>> steady trickle of emails to the quoted address with subjects such as
>> "Hello" or "Your website". How many of them are legitimate emails from
>> people who can't follow instructions? I've no idea, since I delete
>> them all unread :-(
>
> I use a different tack: I use a munged email name with year suffix in
> any public place, and that name is top of the whitelist; anyone who
> uses it will always get through, and my response, with an enduring
> name, will very likely be the one that is added to their address book,
> or be the one to which they reply (and they get told not to rely on
> the "xxx06@" one anyway). Enduring contacts will be in the whitelist,
> non-enduring ones will find themselves using the website "xxx07@" next
> year to no disadvantage. In any event the year name stays at the top
> of the whitelist until it becomes compromised, at which point it's
> removed.
>
> And my last rule is "Delete: = *" :-)
>
I used 'Delete To: = *' while I was on holiday, it worked well. I've
reduced that to 'Defer To: = *' now, so that I have a better chance of
spotting new rules. On a good day, it only catches about 20.
--
Dave
Other related posts:
