Nelson's Weblog: tech / spamAssassinNetwork


Mastodon @nelson@tech.lgbt Linkblog Fri 2024-04-19 Turning Point voting fraud Thu 2024-04-18 Bicycles of World War II AI-ese Mon 2024-04-15 Butterick’s Practical Typography Wicked Bible Sat 2024-04-13 Normalization of Jan 6 Followgraph for Mastodon South Yuba Canal Fri 2024-04-12 Waffle House order marking Wed 2024-04-10 Boy Meets Boy Meets Boys’ Love Termux Tue 2024-04-09 Netflitwitter Nigeria’s Scrabble King Internet eclipse traffic Electric rickshaws Mon 2024-04-08 Eclipse power dashboard Windows terminal latency Grass Valley pasties Django's left hand Willie Nelson's guitar Search Archives 2023 12 11 10 09 08 07 06 05 04 03 02 01 2022 12 11 10 09 08 07 06 05 04 03 02 01 2021 12 11 10 09 08 07 06 05 04 03 02 01 2020 12 11 10 09 08 07 06 05 04 03 02 01 2019 12 11 10 09 08 07 06 05 04 03 02 01 2018 12 11 10 09 08 07 06 05 04 03 02 01 2017 12 11 10 09 08 07 06 05 04 03 02 01 2016 12 11 10 09 08 07 06 05 04 03 02 01 2015 12 11 10 09 08 07 06 05 04 03 02 01 2014 12 11 10 09 08 07 06 05 04 03 02 01 2013 12 11 10 09 08 07 06 05 04 03 02 01 2012 12 11 10 09 08 07 06 05 04 03 02 01 2011 12 11 10 09 08 07 06 05 04 03 02 01 2010 12 11 10 09 08 07 06 05 04 03 02 01 2009 12 11 10 09 08 07 06 05 04 03 02 01 2008 12 11 10 09 08 07 06 05 04 03 02 01 2007 12 11 10 09 08 07 06 05 04 03 02 01 2006 12 11 10 09 08 07 06 05 04 03 02 01 2005 12 11 10 09 08 07 06 05 04 03 02 01 2004 12 11 10 09 08 07 06 05 04 03 02 01 2003 12 11 10 09 08 07 06 05 04 03 02 01 2002 12 11 10 09 08 07 06 05 04 03 02 01 2001 12 11 10 09 08 07 One good site MDN Nelson Minar nelson@monkey.org Blog licensed under a Creative Commons License		SpamAssassin talks to the network Did you know SpamAssassin sends data offsite? I only noticed while debugging why spamassassin sometimes takes a full minute to classify a message. I'm having a hard time finding a full human-readable list of what it does, but if you have the source I think `grep 'tflags.net' rules/` gives you a dump. It at least does a bunch of DNS lookups and checks against Vipul's Razor, DCC, and Pyzor. I don't think SpamAssassin is evil. I am surprised that it does network checks by default. There's the obvious privacy issue. And network overhead can be high, particularly with 60 second timeouts. It seems like spamassassin installations are vulnerable to denial of service; if an attacker can cause all spamassassin installations to wait 60 seconds to classify every email, it could cause chaos in mail delivery. But network-based checks can be really useful. The DNS heuristics look great and the collaborative spam databases are a real solution to the spam problem. There's an obvious commercial opportunity here. For now I'm leaving network checks on. If you want, you can turn network checks off with the flag `--local`. tech 2003-04-23 16:26 Z Nelson's Weblog • tech → ago, bad, bittorrent, blosxom, dotnet, good, hqnx, iphone, mac, phone, photo, python, webservices