Re: [Asrg] Adding a spam button to MUAs

"Chris Lewis" <clewis@nortel.com> Sat, 30 January 2010 04:56 UTC

Return-Path: <CLEWIS@nortel.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D86E93A690D for <asrg@core3.amsl.com>; Fri, 29 Jan 2010 20:56:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.343
X-Spam-Level:
X-Spam-Status: No, score=-6.343 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zeI+jnqOweSs for <asrg@core3.amsl.com>; Fri, 29 Jan 2010 20:56:21 -0800 (PST)
Received: from zcars04e.nortel.com (zcars04e.nortel.com [47.129.242.56]) by core3.amsl.com (Postfix) with ESMTP id BB2E53A68FF for <asrg@irtf.org>; Fri, 29 Jan 2010 20:56:20 -0800 (PST)
Received: from zrtphxs1.corp.nortel.com (zrtphxs1.corp.nortel.com [47.140.202.46]) by zcars04e.nortel.com (Switch-2.2.0/Switch-2.2.0) with ESMTP id o0U4uf117689 for <asrg@irtf.org>; Sat, 30 Jan 2010 04:56:41 GMT
Received: from zrtphx5h0.corp.nortel.com ([47.140.202.65]) by zrtphxs1.corp.nortel.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 29 Jan 2010 23:56:40 -0500
Received: from [47.130.64.135] (47.130.64.135) by zrtphx5h0.corp.nortel.com (47.140.202.65) with Microsoft SMTP Server (TLS) id 8.1.340.0; Fri, 29 Jan 2010 23:56:40 -0500
Message-ID: <4B63BC08.60201@nortel.com>
Date: Fri, 29 Jan 2010 23:56:40 -0500
From: Chris Lewis <clewis@nortel.com>
Organization: Nortel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Lightning/0.9 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20100128173112.85215.qmail@simone.iecc.com> <4B61CC2F.404@mtcc.com> <20100129134451.GA27203@gsp.org> <4B63199A.4040200@mtcc.com> <100129100819.ZM8697@torch.brasslantern.com>
In-Reply-To: <100129100819.ZM8697@torch.brasslantern.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 30 Jan 2010 04:56:40.0987 (UTC) FILETIME=[9C9FCEB0:01CAA168]
Subject: Re: [Asrg] Adding a spam button to MUAs
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jan 2010 04:56:22 -0000

Bart Schaefer wrote:

> These two foci are in conflict.  For Rich, it's obvious that end users
> have limited expertise in distinguishing undesirable traffic; and to
> allow the users to express their opinion, he must first allow that
> traffic to pass, which is unacceptably dangerous, possibly disruptive,
> and violates the "as early as possible" constraint.  Only an absolute
> classification helps to solve Rich's problem.

Your description actually means that nothing can be blocked without a 
user first saying it should be blocked.  IOW, the foci you've described 
can't block, ever, because the user hasn't told you yet it's bad, and by 
the act of seeing it, the choice to block or not is moot.

That's obviously silly.

Remember: TiS buttons are intended to catch those things that your 
filters didn't _already_ capture.  They're to refine your filters for 
future repeats of the same thing (however "same" is defined).  _Not_ 
_be_ the filters.

If the filters can tell something is bad, you block it, no matter how 
you've determined it to be bad.  No TiS hits necessary.

TiS is an _adjunct_ to your filtering strategy.  Not the whole thing.

> Rich may be overly dismissive of Mike's problem, but to declare concerns
> about maintenance and security to be anachronisms not part of the "actual
> job" is to repeat the mistakes of the past.

Mike is not dismissing it.  I certainly ain't, because I have to 
maintain and secure the darn thing.  TiS buttons certainly don't 
compromise our maintenance and security.