[35485] in bugtraq
Re: Is predictable spam filtering a vulnerability?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jun 24 21:11:54 2004
Message-Id: <200406240719.i5O7JEIO025076@turing-police.cc.vt.edu>
To: Luca Berra <bluca@comedia.it>
Cc: bugtraq@securityfocus.com
In-Reply-To: Your message of "Sun, 20 Jun 2004 15:52:00 +0200."
<20040620135200.GA24947@percy.comedia.it>
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_1326342004P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Thu, 24 Jun 2004 03:19:14 -0400
--==_Exmh_1326342004P
Content-Type: text/plain; charset=us-ascii
On Sun, 20 Jun 2004 15:52:00 +0200, Luca Berra <bluca@comedia.it> said:
> I hold that after suitable training of the spam filter (this includes
> generation of whitelists and such), dropping mail into oblivion is
> perfectly safe.
Assume a spam filter that's 99.8% accurate. This is probably a *high*
estimate - we're talking only 2 errors per every thousand mails...
Assume several million messages a day (which is *not* a very large load
by today's standards - we're merely a large university, and even *after*
subtracting spam and virus mail, we're in that range)...
Calculate how many mails get dropped into oblivion each day.
I suspect that you and I have differing definitions of "*perfectly* safe".....
--==_Exmh_1326342004P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFA2oBycC3lWbTT17ARApSwAKCEcd4VtUVlU3VN5+f2XdUT9kBP5QCfW7FX
m8l2H27gUebYXImNjwPfCxA=
=EtQx
-----END PGP SIGNATURE-----
--==_Exmh_1326342004P--
