doing dccproc -t many

Tony L. Svanstrom tony@svanstrom.org
Sun Apr 7 21:18:13 UTC 2002


On Sun, 7 Apr 2002 the voices made Vernon Schryver write:

> I think that such systems cannot be made to work except in very restricted
> situations when only a very few people are allowed to report mail spam.

 True, and since you don't authorize people reporting to DCC you allow people
to report values from 1 to "many"; because they could fake it anyways (unless
you've got your own closed system, of course)...

 I understand the reasoning behind that, but when we start talking about
actually using the numbers for filtering we end up with a problem, which
basically is this:

 The average user will use DCC to get rid of e-mails he doesn't want to see,
and some well-meaning people will report "verified" e-mails as being sent to
1000's of people even thought it might have been sent to maybe 3 or 4 (by
mistake or by not looking closely at the e-mail before reporting it). All
that's leaving us with a number that can't be trusted beyond being a true/
false-switch regarding if anyone but you got the same e-mail (actually an
e-mail that is the same or almost the same, due to the fuzzines)... meaning
that your whitelist has to include everyone that possibly could send you an
e-mail, because you can't trust e-mails sent to a cpl of people to have a low
score.

 BUT... if you were to stop allowing messages to be reported with a high count
then you could trust messages with high scores to not be e-mails sent to only a
few people (unless one of those few is a bad guy getting the e-mail in time to
report it many times before you get it, of course).

 So, from my point of view that would remove a lot of the human errors while at
the same time not let any more mass-sent e-mails pass through (because true UBE
would get a high number anyways).

 Of course, IRL you might run DCC on a server with 50'000 accounts, and the
same UBE could be sent to all of them, so you can't really try to keep people
from reporting higher counts than one; but instead of saying that it's a good
thing that people boost the counts on unwanted e-mails one could say that the
nature of DCC is such that doing so will not help the system but will make it
report the wrong results.


 That's pretty much what I'm thinking right now; any comments/thoughts?


	/Tony
-- 
# Per scientiam ad libertatem! // Through knowledge towards freedom! #
# Genom kunskap mot frihet! =*= (c) 1999-2002 tony@svanstrom.org =*= #
-- Random URL (1/10):
<URL: http://eveander.com/sounds/sexysuz.wav > Suzy fell asleep one night...









More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.