Friday, February 06, 2004

A Usenet thread: Identifying and filtering "you are infected" messages

Usenet - Spam from NAV and other antiviral software

From: jfaughnan@spamcop.net (John Faughnan)
Newsgroups: news.admin.net-abuse.email
Subject: Re: Spam from NAV and other antiviral software
References: <5c0dbfb4.0401301007.3c0ed81f@posting.google.com> <87r7xharaa.fsf@it029205.massey.ac.nz> <5c0dbfb4.0402011007.338563bf@posting.google.com>
NNTP-Posting-Host: 209.98.142.122
Message-ID: <5c0dbfb4.0402061031.50782c1a@posting.google.com>

Godwin Stewart wrote in message news:...

> What annoys me and most of the participants in this thread is crap from
> third parties' AV systems telling me "You sent John Doe a Mimail-infected
> mail - this warning mail was generated by Acme software soopah anti-virus
> visit http://foo/bar for your FREE!! evaluation copy."
> That's what I was referring to as the spam advertising AV crapware, and
> what I assumed we (tinw) wanted to have clearly identified.


This thread has drifted, as Usenet threads are wont to do, but now
you've circled back to what I'd like to see.


Mainstream anti-spam organizations (CAUCE, OSF, etc.) have the
credibility and moral authority to ask vendors to include metadata in
their subject headers identifying the message type (i.e. notification
of infection, bounce of infected message, etc.).


Then OUR spam filters can filter out those messages. I think, to keep
everyone happy, it is reasonable for Postini and other anti-spam
filtering systems to send a once weekly message summarizing the
filtering activity. The message content would look something like
this:


Message Traffic Report for the week of Feb 2, 2004


1. Total message traffic: 5100
2. Messages filtered and not relayed: 4650
3. Messages relayed: 450


Filtered Messages: 4650
1. Mainstream vendors: 50
2. Pornography and scams: 4000
3. Notifications of viral infection: 200
4. Bounces from viral notifications: 100
5. Untyped: 300


Transmitted messages: 450
1. Signed and authenticated mail passed without filtering: 50
2. Messages from class A sending services passed without filtering: 200
3. Messages passed after filtering: 200


--- SOOOO,


What we need is someone whose voice is heard to bring this up with the
credible antispam organizations and start to put some media pressure
on the antispam vendors to start putting message-type identifiers in
their headers or subject lines. Then we can easily filter them out.


john


PS. If Postini accompanied this type of report with a view of my spam
organized by those classifications, I might actually scan it for false
positives on occasion. OK, probably not.


PPS. Part of this imaginary report reflects another long-held ambition
of mine -- Filtering based on the managed reputation of the sending
service.



meta: jfaughnan, jgfaughnan, spam, filtering, sending services,
authentication, reputation management, antiviral software spam,
message metadata, classification and categorization, workflow, message
management
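
The filtering step the post asks for, sketched as an added example that is not part of the original post or thread. The header name `X-Message-Type`, the `[type:...]` subject tag and the two type values are hypothetical, since the post names no concrete syntax; the sample messages are constructed.

```python
import re
from collections import Counter
from email import message_from_string

# Hypothetical convention: the post proposes identifiers in "headers or
# subject lines" but defines neither a name nor a vocabulary.
TYPE_HEADER = "X-Message-Type"
SUBJECT_TAG = re.compile(r"^\s*\[type:([a-z-]+)\]", re.I)
FILTERED_TYPES = {
    "virus-notification": "Notifications of viral infection",
    "virus-bounce": "Bounces from viral notifications",
}

def message_type(raw):
    """Return the declared type if it is one we filter, else None."""
    msg = message_from_string(raw)
    declared = (msg.get(TYPE_HEADER) or "").strip().lower()
    if not declared:  # fall back to a tag at the start of the subject line
        m = SUBJECT_TAG.match(msg.get("Subject", ""))
        declared = m.group(1).lower() if m else ""
    return declared if declared in FILTERED_TYPES else None

def weekly_report(raw_messages):
    """Drop self-labelled AV notices; hand everything else to later filters.

    The label is sender-controlled, so it is only ever used to discard a
    message, never to let one through: a forged label can at worst get the
    forger's own message filtered.
    """
    counts, passed_on = Counter(), []
    for raw in raw_messages:
        kind = message_type(raw)
        if kind is None:
            passed_on.append(raw)
        else:
            counts[FILTERED_TYPES[kind]] += 1
    return counts, passed_on

# Constructed sample traffic.
SAMPLES = [
    "From: av@example.net\nSubject: Virus found\nX-Message-Type: virus-notification\n\nbody\n",
    "From: MAILER-DAEMON@example.org\nSubject: [type:virus-bounce] Undeliverable\n\nbody\n",
    "From: friend@example.com\nSubject: lunch?\n\nbody\n",
    "From: list@example.com\nSubject: news\nX-Message-Type: newsletter\n\nbody\n",
]

if __name__ == "__main__":
    counts, passed_on = weekly_report(SAMPLES)
    for label, n in counts.items():
        print(f"{label}: {n}")
    print(f"Passed to remaining filters: {len(passed_on)}")
```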
