|
|
Positive v. negative reputation scoring: msg#00197mail.spam.razor.user
It seems to me that perhaps a missing element in Razor is measurement of the likelihood that a given source of bulk e-mail is *not* a spammer. As far as I know, TeS is only concerned with the reputation of reporters in terms of how consistently they accurately report spam. As with any other reputation system, it has the potential of abuse by anyone who can figure out how to build up a positive reputation. It seems to me that the impact of such abuse could be mitigated with a reputation system that covers e-mail sources. On the one hand, there would be those who try to abuse Razor by automating the creation of a number of identities that build up positive reputations for reporting spam. Even without knowing how TeS works, it's not hard to imagine that possibility, mainly because of the latency issue; Razor has to repond very fast to new spam, or it is useless. Thus, there isn't a lot of time to figure out that someone is misusing their good reputation. On the other hand, consider someone trying to abuse a reputation system for bulk e-mail sources. Their goal is to have a lot of reports that say that X is a trusted source of bulk mail. The latency problem doesn't exist; a brand-new bulk mail source will have no reputation at all, so it cannot benefit. But a well-established source -- such as EFF, obviously -- will have had time to build up a positive reputation that ideally would counter-act any abuse of the Razor system. We struggled with this issue quite a bit at Opion Inc., whose core technology I invented. It relied on traffic analysis of public discussions to ensure that the foundation of positive reputation had a solid historical basis. Razor is inherently dealing with e-mails that have zero or very short history without comparing them to sources that may have years of history that would be difficult, indeed to spoof. As a technical note, bulk e-mail source reputation would obviously require strong identification of sources to the Razor system, but I think we know how to do that quite well. Otherwise, simple spoofing of the source's identity would beat the system. Nick -- Nick Arnett Phone/fax: (408) 904-7198 narnett@xxxxxxxxxxxx ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Can forwarded emails be razor-reported ?: 00197, Matt Kettler |
|---|---|
| Next by Date: | Re: Positive v. negative reputation scoring: 00197, Shawn McMahon |
| Previous by Thread: | Can forwarded emails be razor-reported ?i: 00197, Edward Huang |
| Next by Thread: | Re: Positive v. negative reputation scoring: 00197, Shawn McMahon |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |