[Spambayes] RE: Yahoo's "domain keys" and spam
kennypitt at hotmail.com
Fri Dec 12 14:20:21 EST 2003
Robert K. Coe wrote:
> Where is it written that Spambayes would "add a token verifying the
> presence of a domain key entry in the header"?
It's not. This was just a question for discussion as to whether or not
it would be the right thing.
> ... Doing so would seem to
> be self-defeating if credible forgeries of domain keys become
Yes, I'm sure it would. It was suggested in the quoted message that we
would need to include intelligence to validate them, and I think that
would be important.
> ... and only marginally helpful otherwise (since the "I know
> it when I see it" model of spam detection works very well for humans
> and fairly well for Bayesian filters without this additional
The mantra of this project has always been "intuition is a poor guide".
It's just one more piece of evidence for the filter to consider.
Whether that piece of evidence ever makes a difference in the real world
is anyone's guess. The actual performance would be thoroughly tested
before incorporating the feature into the product.
>> -----Original Message-----
>> From: Ryan Malayter [mailto:rmalayter at bai.org]
>> Subject: [Spambayes] Yahoo's "domain keys" and spam
>> Will we want to have SpamBayes check these (since many SB users will
>> have no control over what happens at their ISP or corporate gateway)
>> as they become widespread?
>> Just as obviously, spammers will attempt to forge them as well (to
>> fool filters like the current SpamBayes that would just add a token
>> verifying the *presence* of a domain key entry in the header), or use
>> yet-to-be-revoked keys from domains obtained through fraudulent
>> means. I think some intelligence must be built into spambayes to
>> handle these...
More information about the Spambayes