There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon@hachyderm.io that, and spammers use the same systems as "legitimate" marketing activity. i got inbox bombed by zendesk support tickets a few months ago.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon And by implication, marketers are stupid as a shoe. They have dog shit for brains.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon that is a very good point!
-
@danslimmon unsolicited marketing activity
@north @danslimmon Specifically Pointless Act of Marketing.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon spam blockers are also dumb as wood, like aws that puts email receivers in a blocklist as soon as they bounce *once*.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon
Legitimate marketing should be treated like spam. Maybe it will improve in order to evade detection. If not? Nobody cares.
@ml -
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon I personally find that greylisting + greytrapping removes the obvious ones, and saves a lot of electricity plus wear and tear on the poor servers doing content and header filtering.
My greytrapping and misc retrospective is hopefully useful to others too: Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html - with references at the end.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon As someone who has been dealing with spam in wiki environment I think this is a bad take. Automated spam detection is hard because we don't want to accidentally target legitimate users. And legitimate user activity sometimes may look like spam to a dumb machine code.
I can only guess what you mean by a "legitimate marketing activity", however implication that it's easy to make automated spam detection system that would target all corporate advertising is silly.
Context is always important and no automatic spam filter can judge it better than a creature can.
I do agree that spammers are insanely stupid, that I did notice after years of working in the field.
-
@danslimmon just block all legitimate marketing emails problem solved
@azonenberg @danslimmon most spam I get is badly formatted and gets rejected by postfix even before my spam filter gets to see it. The most common fail is no reverse DNS.
And my spam filters then rejects most of the rest, they don't even get into my spam folders.
So most of the marketing emails I get to see are from companies I have bought from in the past and I've decided I want to see when they are running sales: useful for items I regularly buy such as bike brake pads. -
@danslimmon just block all legitimate marketing emails problem solved
@azonenberg @danslimmon unfortunately, there are, for example, banks who will stop sending you transaction notices if you report their spam as spam
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon This reminded me of that one Twitter thing where they tried to develop an automated system to combat hate posts from white supremacists, but had to shelf it because it would mark posts from official GOP politician accounts
Twitter reportedly won't use an algorithm to crack down on white supremacists because some GOP politicians could end up getting barred too
Twitter used an algorithm to crack down on ISIS-related tweets, but an employee said an algorithm targeting white supremacists could bar GOP figures.
Business Insider (www.businessinsider.com)
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon I'd say legitimacy is created through active consent, opt-in only. Because when I absolutely *want* to receive 'product news' from the people whose stuff I enjoy using every day, I don't consider it spam at all.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon Honestly, the hardest thing in email anymore is getting your legitimate emails through to the big three when you aren't using their services. I do not regret leaving gSuite or whatever they call it this month, but managing one's MX reputation can be a pain in the ass.
-
@azonenberg @danslimmon most spam I get is badly formatted and gets rejected by postfix even before my spam filter gets to see it. The most common fail is no reverse DNS.
And my spam filters then rejects most of the rest, they don't even get into my spam folders.
So most of the marketing emails I get to see are from companies I have bought from in the past and I've decided I want to see when they are running sales: useful for items I regularly buy such as bike brake pads.@marjolica @azonenberg @danslimmon
If we blocked no reverse DNS, I'm not sure there would be anything left.
-
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
@danslimmon From a legitimate mail (not even marketing) that I intentionally subscribed to:
X-Spam-Status: Yes, score=5.323
tests=[DIRECT_LOW_CONTRAST=2.499, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DMARC_PASS=-0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1,
MISSING_HEADERS=1.021, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001,
REPLYTO_WITHOUT_TO_CC=1.552] -
@danslimmon This reminded me of that one Twitter thing where they tried to develop an automated system to combat hate posts from white supremacists, but had to shelf it because it would mark posts from official GOP politician accounts
Twitter reportedly won't use an algorithm to crack down on white supremacists because some GOP politicians could end up getting barred too
Twitter used an algorithm to crack down on ISIS-related tweets, but an employee said an algorithm targeting white supremacists could bar GOP figures.
Business Insider (www.businessinsider.com)
-
@danslimmon Honestly, the hardest thing in email anymore is getting your legitimate emails through to the big three when you aren't using their services. I do not regret leaving gSuite or whatever they call it this month, but managing one's MX reputation can be a pain in the ass.
@nuintari
Try managing it when you move servers.
My current Algo:
- Get the new server
- Add the new server to SPF, and add it as low-prio MX (but don't run anything on port 25, yet)
- wait a month
- cross fingers
- pray to the gods of email. Like, *really* hard
- switch servers, but keep the old server around, just in case
- monitor results
- if problems occur: switch back and fix
@danslimmon -
@danslimmon There is no "legitimate marketing activity" in email. Any mail that's sent in mass of a commercial nature is spam.
@dalias
Hard to differentiate though. When Oracle's billing department produces mails that confuse spam filters..
@danslimmon -
There's this myth that automated spam detection is hard because spammers are all very clever masters of disguise.
No. Spammers are stupid as a shoe. They have dog shit for brains.
Automated spam detection is hard because the line between spam and "legitimate" marketing activity is a fiction.
A number of times, at a number of different organizations, I've asked *my employer* (and their partners) to please do a better job with their email requests for action so as *NOT* to "check off" a number of issues in their emails that are literally in their own required computer security training.
-
@marjolica @azonenberg @danslimmon
If we blocked no reverse DNS, I'm not sure there would be anything left.
@jrdepriest @azonenberg @danslimmon not my experience.
Over the last 4 weeks I rejected 16.3% of emails.
Of that 1.9% were replied 4.7.1 (try again later) and 0.4% were replied 5.7.1 (spam) and ended up in my spam folders to review.On the other hand 13.4% lacked a reverse hostname. The great majority of those were from China (.cn). Only one was from a (UK) site I have bought from.
