Wondering if you're also testing SpamCop, http://www.spamcop.com. The work of a Seattleite named Julian Haight, http://www.julianhaight.com, and have any comment.
I haven't evaluated it, but I'm afraid I've a bit of a bone to pick with it. False positives are not unknown. Worse, it sends automatic anonymous complaints to upstream providers of anybody even mentioned in the putative spam.
For example, apparently there's a California Linux user group, one of whose subscribers (I've no way of telling who) has SpamCop installed. When a post goes out to that user group mentioning one of our websites, our upstream providers get anonymous complaints about "spamvertised website". They then waste their time relaying these to me, and I waste my time explaining, for the nth time.
For another example, one of our mailing lists had a subscriber who apparently decided he didn't like us. Instead of unsubscribing, he began making SpamCop complaints. I wasted about an hour on that one, until I eventually determined what domain the complaint had come from, and solved the problem by deleting everybody from the domain (the number was small) from all of our lists.
Yet another. "Forgot my password" on our Mailman lists apparently trips at some SpamCop content filter; I've fielded at least one spam auto-complaint thus generated.
Complaints about false or frivolous reports to SpamCop, which operates the anonymous remailer, have so far been ignored. At this point I've personally given up on expecting reasonable behavior from them, and added a "deny" to our MTA setup, for all mail from their domain.
The SpamCop site has verbiage implying that a mailing list had better be able to prove it is double-opt-in, and had better maintain proof of opt-in for each individual subscriber, or else. The "or else" isn't specified, but apparently Mr. Haight has had some record of success in arranging loss of internet connectivity. No doubt some of those affected have been actual spammers, but with one man serving as judge, jury, and executioner, I'm afraid I don't see much about this effort to reassure the rest of us.
On Fri, Jan 04, 2002 at 04:42:51PM -0800, J C Lawrence wrote:
On Sat, 5 Jan 2002 00:26:38 +0100 fil <fil@rezo.net> wrote:
Here's something that would be most useful against spam: somewhere in the pipeline check the message against the "razor" (**) spam database, and send it to the trash if it matches.
I've been running Razor in test mode here on my personal mail account for about 5 weeks. To date the false positive rate is about 8%. That's far too high for deployment as a system service. It also has a very high false negative rate (worse than any of the other's I'm testing).
SpamAssassion conversely has a false positive rate (over the same period) of 3 messages out of 93,648 (yes, I get a lot of mail at home).
-- J C Lawrence
---------(*) Satan, oscillate my metallic sonatas. claw@kanga.nu He lived as a devil, eh?
http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers