[Spambayes] Spambayes Training.

Richie Hindle richie at entrian.com
Mon Dec 23 17:36:10 EST 2002


Hi Tim,

> Hello, you want some unsolicited advice?

Always!  8-)

> [snip forward-to-self idea]

This is a good idea, and one that's been talked about before on this list -
you can find the discussions by asking Google about <spambayes "smtp
proxy">, but they're all mixed in with a lot of other discussions.  Tim
Stone built a prototype based on this idea.

Summarising: just like we proxy POP3 for incoming mail, the idea is to
proxy SMTP for outgoing mail, and have special addresses for Ham and Spam.

Your idea is simpler, in that we don't need to implement an SMTP proxy, but
also less secure - if I know you're running spambayes, I can spam you with
messages containing "--HeySpamBayesThisIsHam--" and fool the software into
training on my spams as ham.  It also means that you'll receive your own
training emails, which means setting up another filter, and would be a pain
for people on slow dialup links - the SMTP proxy could process the messages
without forwarding them on.

There's another problem with forwarding the mail - it destroys header
information.  We don't (currently) do a lot with the headers, but we do
look at them, and losing information from them would make the system less
accurate.  Some email clients have a "Forward Verbatim" or "Forward as
Attachment" command which could be used to work around this, but you're no
longer in the realm of "you don't need some special mail client" - some
mail clients won't get the full benefit, some may package attached messages
in different ways, and so on.

Bill, how does CRM114 cope with security?  It uses a password which you
need to keep secret?  And does it have a way of coping with the header loss
problem?

-- 
Richie Hindle
richie@entrian.com




More information about the Spambayes mailing list