doing dccproc -t many

Vernon Schryver vjs@calcite.rhyolite.com
Sun Apr 7 18:43:48 UTC 2002


> From: "Tony L. Svanstrom" <tony@svanstrom.org>

> > Reporting all spam as "many" is a Good Thing(tm).
>
>  I don't see how that can be a good thing, or rather how being able to easily
> report any e-mail beyond a score of one can be a good thing; to me it seems to
> turn the value of the scores, beyond being used as a "true/false"-thing, to
> nothing.

Please consider Vipul's Razor as a cooperative system for reporting and
rejecting spam.  See http://razor.sourceforge.net/ See also the voting
system from some people in Russia, but whose URL I've misplaced.

I think that such systems cannot be made to work except in very restricted
situations when only a very few people are allowed to report mail spam.
When you have more than a very few reporters, you cannot be sure that
none of them will make any mistakes and accidentally report good mail
such as a CERT advisory.  I've doubts about even one reporter being
sufficiently reliable, but maybe that's because I make too many mistakes.

When you have many reporters, you can be sure at least a few are sloppy.
Worse, you won't be able to ensure that none of them are bad guys
worse than spammers who would report selected a CERT advisory for
nefarious purposes.  I do not believe that any sort of judging, voting,
or juries scheme can fix this problem.  If you have more than a very
small number of people authorized to report spam, then you must assume
that every report as a significant probability of being mistaken or worse.

If you don't mind a significant probability of false reports and
so a significant number of wrong rejections of mail, that won't
bother you.  Most "spamfighters" seem to be people who care more
about fighting spam than receiving mail.  Those people might be
well served with something like Vipul's Razor.

If you value receiving good mail more than rejecting spam, then no
open, cooperative system can give good enough boolean or true/false
indications of "spam." However, you can have a cooperative system
that gives accurate enough true/false indications of "bulk" or
"suspicious." If you somehow such as with whitelists combine such
a system with private indications of "unsolicited," you can have
a spam detector.  That's the idea behind the DCC.


>  I seem to be reading "DCC isn't about reporting spam" and "reporting spam as
> many is good" at the same time... and although I understand what's going on I
> don't really understand why... well... why it isn't clearer when you start
> learning about DCC what it's meant to do; there seems to be a mix/confusion
> regarding being "spamfighting" and simply reporting e-mails seen by more than
> one person.

I think that common confusion is because people often think "spam" is
a single characteristic instead of a combination of two.  Many people
apply the word "spam" to any and all mail they don't want regardless of
whether they asked for it or it is bulk.  Some say any and all unsolicited
mail is "spam."  More than a few (but not as many as a few years ago)
apply "spam" to all unsolicited commercial or promotional mail.

If spam were any unsolicited mail, then you could use SMTP-AUTH,
SMTP-TLS, SMIME, PGP, or one of the many other schemes to reject
all mail from strangers.   If you define spam as any mail you don't
like or as promotional or commercial, then you'll have to hire a
human to screen your mail because computers understand natural
languages well enough.  They cannot distinguish "see this URL" from
your boss from very similar porn spam.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.