Re: [Nolug] Confused about SpamAssassin report

From: Mark A. Hershberger <mah_at_everybody.org>
Date: Wed, 09 Jul 2003 11:38:28 -0500
Message-ID: <874r1vwt8b.fsf@mah.mcdermott.com>

Ron Johnson <ron.l.johnson@cox.net> writes:

> On Wed, 2003-07-09 at 10:31, -ray wrote:
>> On 9 Jul 2003, Ron Johnson wrote:
>>
>> > On Tue, 2003-07-08 at 21:27, Andrew S. Johnson wrote:

>> > > * 0.0 -- User-Agent header indicates a non-spam MUA (KMail)

> So they just assume that anyone using KMail would never send out spam?

No.

They use a genetic algorithm to create the scores for various rules.
Used to be that spammers would forge Outlook headers, but be off by a
typo or two. SA could look at these obviously forged headers and
know that it was a spammer.

In the same way SA would look at valid headers and you have a fairly
good chance that it wasn't spam. Valid KMail headers probably once
had a fairly low (negative) score.

Of course, spammers saw this and got smarter. So they started
generating valid KMail or Outlook headers to get their spam through.

Then SA re-ran their genetic algorithm to re-gen their scores.
Obviously, the scores for good headers came way down.

Still, it looks like someone has manually fixed the KMail header
score at zero in their local installation.

So, long story short, SA rules are in flux to keep spammers from
taking advantage of them. That's why it is important to keep the
latest version of SA running.

Mark.

-- 
As long as you have mystery you have health; when you destroy mystery
you create morbidity. -- G.K. Chesterton