Comment "Ending Spam" inconsistencies (Score 1) 112
Just a couple for now:
1. In your book, "Ending Spam," you are pretty harsh on commercial filters and basically anything that's not statistical filtering. You make very good points in favor of statistical filtering, but I feel that you've missed a major fact about spam. Statistical filtering requires that the end-user get actively involved in the spam filtering process. What happens when they don't (because, in general, they won't)? How does that affect the attacks you described in chapter 7 and what techniques would you recommend to mitigate apathetic users? A lot of the mitigation strategies for the attacks delineated require (at least somewhat) active end-users.
2. Why did you give so much coverage to Marty Lamb's TarProxy? The project appears to have died long before your book came out and I can't find reference to anyone who actually used it in production. I am surprised that you gave so much berth to a project that was basically unproven, especially in the face of proven, commercial technologies that are in the same space, such as the SMS 8160.