John Johnson wrote:
Alessandro Vesely wrote:In general, the reliance of a reputation system is not an objective datum. I'd invite ESPs to let users choose which authorities they wish to trust. It is part of the anti-spam policy, which is different from the firewall policy: _their_ mail, _my_ server.Are you delivering 100% of the email destined for them? Or are you treating the e-mail as __my_network_asset__ before delivery?
I just deliver mail to recipients. Well, after A-V filtering. Ah, I also grab postmaster@, abuse@ and similar addresses.
Other than RBL's, what other choices do you allow your users to tune?
I never meant to give them the root password, if that's what Chris means by "allow them to diddle the server-level knobs directly".
What I wanted to say is that we would get better responses from users if we were able to put better questions. Bayesian filters are so ambiguous that we should be ashamed of proposing them: why would people ever use artificial or natural intelligence if some much simpler statistical data sufficed? And I don't mention TIS buttons, as their ambiguity has been pointed out recently. Doesn't everybody agree that we only use such tools because we have nothing better at hands?
Where does being responsive to your users end, and protecting your network begin?
Hm... I don't work in a large corporate network, so that's possibly where I misunderstand what someone else may mean by "policy". AFAICS, being responsive and protective are not conflicting tasks. Hence, a well planned anti-spam policy should provide for clear-cut user level options, if at all possible. Whether setting those options is or is not part of a system's anti-spam policy, is a terminological question. (And the answer is?)
In particular, reputation systems deserve being at the user level. This is rather an observation than an appeal: governments or similar authorities in charge of patrolling the territory might have endorsed some DNSBLs, say, as part of their job. However, that didn't happen, and reputation, as the Credence paper that started this thread holds, looks likely to remain based on users' judgment.
_______________________________________________ Asrg mailing list Asrg at irtf.org https://www.irtf.org/mailman/listinfo/asrg