Note that I don't necessarily believe everything in these books, but all of them provided me with important insights. Also, props to my 6502 assembler manual, long since turned to dust.
Anybody who has a bit of perspective on Rand will enjoy the delightfully mad and very funny Sewer, Gas, and Electric by Matt Ruff:
The year is 2023. High above the canyons of Manhattan, a crew of human and android steelworkers is approaching the halfway point in the construction of a new Tower of Babel. The Tower is the brainchild of billionaire Harry Gant, who is building it as a monument to humanity's power to dream. Meanwhile, in the streets and tunnels below, a darker game is afoot: a Wall Street takeover artist has been murdered, and Gant's ex-wife, Joan Fine, has been hired to find out why. Accompanying her is philosopher-novelist Ayn Rand, resurrected from the dead by computer and bottled in a hurricane lamp to serve as Joan's unwilling assistant. While Rand vainly attempts to tutor her in "the virtue of selfishness," Joan discovers that the murder is the key to a much larger mystery, one in which millions of lives may hang in the balance.
Just because a new way of distributing information and entertainment appears, doesn't mean the total demise of the previous technologies.
Neither does it mean they necessarily stay around.
The Vaudeville circuit, which gave performers like the Marx Brothers and Abbott and Costello their start, was mortally wounded by radio and film; telvision delivered the killing blow. The circus is a pale shadow of what it once was, and the tent revival is now just a footnote.
New technologies also can force deep changes in old media so much that they could be thought of as different beasts altogether. TV has changed film; gone are the days of the newsreel and the serial. Broadcast TV is still changing in response to cable TV, and both of them are still trying to figure out what to do in response to the internet.
The whole notion of channels is just a primitive hack to allocate scarce bandwidth. The unit cost of bandwidth to the home has dropped by more than 10x over the past decade, and there is enough innovation in the pipeline to keep it dropping for at least another decade. Between an abundance of bandwidth, smart networks, and smart terminals with big storage capacity, channels may not exist in the long term, except perhaps as a convenient way for humans to manage the flood of content available to them.
IF you're getting too much spam, change your e-mail address. Its as simple as that. Yes, it really is that simple. If you "can't" do this because too many people have your 'old' address, well then its not e-mail thats broken, its your management of it...
That's absurd. I suppose your solution to telemarketers is to change your phone number frequently? And the way to avoid getting too much junk mail is to move every year or so?
I've been handing out business cards with my current address for eight years. I have a personal account that's now 15 years old that still gets occasional messages from friends I haven't heard from in ages.
What's your grand scheme for email address management that lets me keep in contact with all of those people?
My reference of "smart enough" is someone who is capable of utilizing a computer, searching for a hack script, and then running it with the intent of causing some harm.
Not to be rude, but did you read the links I included?
I am saying precisely that the ability to use a computer, find a hack script, and use it to break in is a separate ability from making the moral judgements involved. Both can be learned by anybody, but some people find one easier and some find the other easier.
Plus - as I stated, someone who does not have mental retardation.
Yes. Mental retardation isn't necessary. People with, e.g., Aspergers, have great technical skills and little interpersonal sense, from which a moral sense derives. Some people don't formally meet the criteria for Asbergers but still tend in that direction; they will have a harder time with moral judgements than somebody with high interpersonal and intrapersonal intelligence.
Script kiddies tend to realize that what they are about to do is going to cause someone grief.
I don't know any script kiddies, so I can't say either way. But I have known some technically clever hackers (in the old sense of the term) who were much sharper technically than they were morally. They saw their adventures as harmless exploration; other people saw them as morally deficient.
How can you blindly say the parent poster is wrong when you argument is base on one theory (yes theory, not a law) out of many?
Turn it around: How can you say that the creationists are wrong when darwinian evolution is base [sic] on one theory out of many?
It's because the new theory comes later, explains more than the previous theory, and has better supporting evidence, that's how.
That's not to say I'm right, any more than the single-intelligence model was right 50 years ago, even if it was the best theory available. I'm just going with the best I've found; if you've got better theories or new data, step up to the plate.
Anyone who is smart enough to hack, is smart enough (save for those with mental problems) to realize the difference between right and wrong.
Wrong! This is based on an old model of "smart", that there is a single, linear measure of intelligence, one's IQ. Newer research suggests that people have different capabilities in different degrees; this is broadly known as Multiple Intelligences.
People with high interpersonal and intrapersonal intelligence will have a native advantage in understanding ethics. This makes sense when you consider that morals are an evolved capacity, one not unique to humans. (For more on the topic, see books like Good Natured: The Origins of Right and Wrong in Humans and Other Animals.) This doesn't mean that a hacker can't learn ethics. But it may come no more naturally to him than, say, dancing. And like dancing, if it doesn't come naturally then it might be worth taking a class.
Moore is really preaching to the choir with this movie. If you agree with what he says you are unlikely to vote Bush regardless and Bush supporters will most likely view it as fabricated propaganda regardless of its accuracy or failings.
At first this annoyed me. I'll go see it, and I sure won't be voting for Bush, et al, but all the way through I'll be a bit skeptical, just because Moore is so pigheaded about his views and so brilliant at conveying them.
But now I'm over that. The Bush administration did a great job at conveying its point of view for the last several years, and I don't think they're any less pigheaded or partisan than Moore. It'll be nice to be skeptical in a different direction. And even Fahrenheit 9/11 doesn't change one single vote, it's started people talking about this stuff in a way that I don't think we, as a nation, were doing enough of.
So bravo for Moore and the fantastic controversy he's created. If nothing else, he's getting people to think a bit more about the hundreds of billions of dollars and the tens of thousands of people who have died. Everybody, right left or center, should be paying attention to this; it's shaping our nation and our world.
Not only was this authorized by Dick Clark himself, but the bin Laden family had also disowned Osama a while back. Do you expect to be detained / questioned it [sic] your disowned nephew, with whom you haven't talked in twenty years, goes and kills someone?
That's not a particularly fair analogy. Consider these questions: How many of the hijackers were Saudis? How much support does bin Laden still have in Saudi Arabia? How much of Al Qaeda's funding comes from Saudi Arabia? Does any of that funding come from his wealthy family? Might one of his family members still be in touch secretly? And could one of his family members remember something that seemed innocuous at the time but could help investigators to find him or shut down the flow of money to him?
I haven't seen the movie yet, but given the post-9/11 sweep to detain for months a large number of people who didn't have anything to do with terrorism, the special treatement they allegedly got seems pretty weird. The excuse that we were worried for their safety doesn't cut it with me. Many of my hyphenated-American friends were rightly worried for their own safety after 9/11, but nobody chartered them special flights.
The fact that you think there is any such thing as a non-biased analysis suggests naivity. Everything is biased, the only question is whether you are biased in the same way.
That's one way to define things. I favor another.
Everybody has a viewpoint, and everybody has opinions. A good writer, like a good scientist, should be able to learn about and write about a topic in an honest way. That doesn't mean that he will necessarily change his opinions or have a different viewpoint, but he will be open to that, and he will convey things in a where even reasonable people who disagree with him can agree that the article was a fair one.
In the US, we don't get much journalism like that. The wire services, who wanted to be able to sell copy to papers no matter their political orientations, pioneered this anemic, analysis-free "objective" reporting, which ends up being facile and thoughtless.
British journalists seem much better at the game. For example, I subscribe to The Economist, which, despite its name, is a British general-audience newsweekly. They have a very clear viewpoint; they're analytical, numbers-oriented, and big fans of free markets and free people. But they generally avoid being dogmatic about it; their articles have a clear viewpoint but they are honestly trying to seek out the truth and to tell you what they see along the way.
I like that better. Honestly, none of us will ever find The Truth, and anybody who thinks they have it is fooling themselves. But for those of us who are really looking, it's nice to have collaborators.
First is your cost. Figure out all the time and money you put into this. Ask yourself questions: What's that time worth to you? What would it have cost if you had paid somebody else to do the work? And so on.
Second is the value that they will receive from using your work. If they sell their 1000 widgets, how much do they make? If they couldn't use your stuff, how much would they make then? If they have exclusive rights to your work, is that more valuable? Et cetera.
Now you can figure out what to charge; it will be between these two numbers. If you manage to charge them more than the value they're getting, this will eventually make them sad; you should always try to cut win/win deals. And if you charge them less than your costs, then eventually you'll go out of business.
Other than that, you haven't really given us enough info to go on. If you want more specific advice, tell us about what you did, who you did it for, why they want it, and so on.
Negotiate payment BEFORE A SINGLE LINE OF CODE IS WRITTEN. Your contract starts with a MINIMUM amount, which MAY INCREASE depending on the work involved in the project. Don't EVER give the client a chance to screw you, BECAUSE THEY WILL.
If you do business with people who will screw you just because you can, you're fucked no matter what contracts you have. Even if you have 100% airtight agreements written by the world's best lawyers, a malicious client can make your life a living hell. As my lawyer says, "They can sue you for anything they want. Eventually you'll win, but that can take a long time."
Instead, do business with people you like and trust. Then, as you suggest, get everything in writing up front. The main benefit isn't the ability to have a court enforce things; the benefit is that everything's clearly spelled out while things are still sunny. That makes getting through the storms much easier.
Yep: get a lawyer. Also, don't ask for legal advice on Slashdot.
If that's what they're asking for, that would be a problem. However, they're asking for business advice.
Once they have an idea of what kind of deal they want to cut, they should then go talk to a lawyer about how to put together the documents. A good lawyer will also help raise issues that they may not have thought of.
But walking into a lawyer's office before you know what you want can get awfully expensive. Asking here is perfectly appropriate.
Spam Assassin, while a very clever program, is as misdirected as the "Canned Spam" legislation. It has no effect on the real economics of spam: who pays for it.
I'm not sure why so many people on Slashdot think this, but when you have a good idea, it doesn't mean the other ones are bad.
Your idea is good. The cops should indeed go after spammers exactly as you say. However, that won't get all of them. One recent spam I got was sent from Brazil, advertises a site hosted in China, and transfers the money through a company in Latvia. The beneficiaries are probably American, but they may be a little hard to find.
In the meantime, things like SpamAssassin do indeed change the economics of the situation. If people use just a 95%-effective filter, that means the spammers have to send 20x the amount of mail for the same exposure. And to regularly get past the filters, they have to spend much more time crafting their messages and building software. Or they have to pay somebody who specializes in it. Either way, income goes down and costs go up.
I do have data. My RBL knocks out about 97% of all spam.
Thanks, I already have data that RBLs can help get rid of spam. That's why I use them. I also have data that content-sensitive approaches can help get rid of spam. What I don't have is any data to back up your claim that RBLs are to SpamAssassin's content-related filtering as caviar is to koolaid.
And that's without much maintenance. When I get proactive and start monitoring worm-infected PCs, I can up this rate to 99.5%.
As I said in my original post, I can get the same rates, including the lack of false positives, using a combination approach. I get 99.5+% with minimal maintenance.
If you don't know how to make use of content-related tools like bayesian filters, fine. Don't use them. But I'm telling you that they work great for me as part of a combination approach, and I have the data to back it up.
Without RBLs, your content-based system wouldn't work nearly as well. It's like adding caviar to kool-aid. It might make the drink more paletable, but it's more efficent to cut out the kool-aid.
Well, according to my data, it would work a bit less well. And my data doesn't support your kool-aid analogy at all. Why don't you show us your data? You do have data to back up your claims, right?
Content-based spam filtering is a waste of time. [...] It's a never-ending battle of updating filters and formulas.
I update my SpamAssassin config file once a year or so. This hardly seems burdensome. And generally my updates have to do with which RBLs it uses for assiging point values. Other than that, I use the defaults plus the Bayesian filter.
Since the filter self-trains based in part on the RBL scores, it autoadjusts to new spam. And if you have spamtrap addresses, you can feed those back in, too.
My setup is well over 99% accurate, with no false positives in months.
RBLs WORK.
Yes, and I use those, too. Some I use for outright rejection of connections, and some count toward the spamminess score. As soon as they get the URL-based RBLs working, I'll use those, too. Why wouldn't you use all the tools at your disposal?
Wait till the spammers decide to spam your whole domain. They can start with aaaaaaaa@yourdomain.com and keep going till they get to zzzzzzzz@yourdomain.com, and your mailserver will accept and pass on every single one of these emails.
Here's my tip: look at your logs take the few hundred most popular guesses for dictionary attacks like this. Now feed those directly in to your spam filter's training input. Now odds are that the spammers will feed several shiny new spams trap for every one that gets through to an actual account.
Every day I get dozens of delivery attempts at an address I used to run a listserver on, which has been invalid since 1998. No human has *ever* been behind that address. The spambags do not care about invalid addresses.
How true. But you can use that against them!
I have several addresses like that. Some were accidentally created for me on other sites by scripts like wpoison. Others are spammer-specific mutations of my real address. And I have a number of old addresses, like special ones generated for Usenet News posts five years back.
Now I feed them all into SpamAssassin's Bayesian classifier. I even looked in my logs to see the 100 most common choices for dictionary attacks and feed those in, too.
Now, thanks to the spammers, I get a lot less spam in my inbox! Yesterday's score was 356 messages fed to the trap, 145 spams in my spam folder, 1 spam in my inbox, and no false positives.
Slashdot Mirror
- The Selfish Gene
- Vehicles: Experiments in Synthetic Psychology
- Chimpanzee Politics
- Getting to Yes
- In a Different Voice
- The Origin of Consciousness in the Breakdown of the Bicameral Mind
- Consilience: The Unity of Human Knowledge
- The World's Religions
- Life 102: What To Do When Your Guru Sues You
- Zen Flesh, Zen Bones
Plus a number of other books mentioned here.Note that I don't necessarily believe everything in these books, but all of them provided me with important insights. Also, props to my 6502 assembler manual, long since turned to dust.
Just because a new way of distributing information and entertainment appears, doesn't mean the total demise of the previous technologies.
Neither does it mean they necessarily stay around.
The Vaudeville circuit, which gave performers like the Marx Brothers and Abbott and Costello their start, was mortally wounded by radio and film; telvision delivered the killing blow. The circus is a pale shadow of what it once was, and the tent revival is now just a footnote.
New technologies also can force deep changes in old media so much that they could be thought of as different beasts altogether. TV has changed film; gone are the days of the newsreel and the serial. Broadcast TV is still changing in response to cable TV, and both of them are still trying to figure out what to do in response to the internet.
The whole notion of channels is just a primitive hack to allocate scarce bandwidth. The unit cost of bandwidth to the home has dropped by more than 10x over the past decade, and there is enough innovation in the pipeline to keep it dropping for at least another decade. Between an abundance of bandwidth, smart networks, and smart terminals with big storage capacity, channels may not exist in the long term, except perhaps as a convenient way for humans to manage the flood of content available to them.
I *read* Playboy. No, really...it's for the articles!!
Then you should subscribe to the Braille edition.
IN YEAR 1997, 97,234 PEOPLE STARVED, 0 CAME TO THE CITY.
Jeeesus. You just gave me greenscreen flashbacks.
IF you're getting too much spam, change your e-mail address. Its as simple as that. Yes, it really is that simple. If you "can't" do this because too many people have your 'old' address, well then its not e-mail thats broken, its your management of it ...
That's absurd. I suppose your solution to telemarketers is to change your phone number frequently? And the way to avoid getting too much junk mail is to move every year or so?
I've been handing out business cards with my current address for eight years. I have a personal account that's now 15 years old that still gets occasional messages from friends I haven't heard from in ages.
What's your grand scheme for email address management that lets me keep in contact with all of those people?
Someone exaggerating things. SMTP (RFC 821) was described in 1982 -- 22 years ago. [...] So I'll give the guy 18-19 years, tops. :)
Sorry, bucko; email existed well before SMTP.
My reference of "smart enough" is someone who is capable of utilizing a computer, searching for a hack script, and then running it with the intent of causing some harm.
Not to be rude, but did you read the links I included?
I am saying precisely that the ability to use a computer, find a hack script, and use it to break in is a separate ability from making the moral judgements involved. Both can be learned by anybody, but some people find one easier and some find the other easier.
Plus - as I stated, someone who does not have mental retardation.
Yes. Mental retardation isn't necessary. People with, e.g., Aspergers, have great technical skills and little interpersonal sense, from which a moral sense derives. Some people don't formally meet the criteria for Asbergers but still tend in that direction; they will have a harder time with moral judgements than somebody with high interpersonal and intrapersonal intelligence.
Script kiddies tend to realize that what they are about to do is going to cause someone grief.
I don't know any script kiddies, so I can't say either way. But I have known some technically clever hackers (in the old sense of the term) who were much sharper technically than they were morally. They saw their adventures as harmless exploration; other people saw them as morally deficient.
How can you blindly say the parent poster is wrong when you argument is base on one theory (yes theory, not a law) out of many?
Turn it around: How can you say that the creationists are wrong when darwinian evolution is base [sic] on one theory out of many?
It's because the new theory comes later, explains more than the previous theory, and has better supporting evidence, that's how.
That's not to say I'm right, any more than the single-intelligence model was right 50 years ago, even if it was the best theory available. I'm just going with the best I've found; if you've got better theories or new data, step up to the plate.
Anyone who is smart enough to hack, is smart enough (save for those with mental problems) to realize the difference between right and wrong.
Wrong! This is based on an old model of "smart", that there is a single, linear measure of intelligence, one's IQ. Newer research suggests that people have different capabilities in different degrees; this is broadly known as Multiple Intelligences.
People with high interpersonal and intrapersonal intelligence will have a native advantage in understanding ethics. This makes sense when you consider that morals are an evolved capacity, one not unique to humans. (For more on the topic, see books like Good Natured: The Origins of Right and Wrong in Humans and Other Animals.) This doesn't mean that a hacker can't learn ethics. But it may come no more naturally to him than, say, dancing. And like dancing, if it doesn't come naturally then it might be worth taking a class.
Go for the companies that just ask you the regular BS interview questions. Then just lie your butt off!
Brilliant strategy. Now you'll be working for a company run by stupid people who hire incompetent people. Enjoy your job!
Moore is really preaching to the choir with this movie. If you agree with what he says you are unlikely to vote Bush regardless and Bush supporters will most likely view it as fabricated propaganda regardless of its accuracy or failings.
At first this annoyed me. I'll go see it, and I sure won't be voting for Bush, et al, but all the way through I'll be a bit skeptical, just because Moore is so pigheaded about his views and so brilliant at conveying them.
But now I'm over that. The Bush administration did a great job at conveying its point of view for the last several years, and I don't think they're any less pigheaded or partisan than Moore. It'll be nice to be skeptical in a different direction. And even Fahrenheit 9/11 doesn't change one single vote, it's started people talking about this stuff in a way that I don't think we, as a nation, were doing enough of.
So bravo for Moore and the fantastic controversy he's created. If nothing else, he's getting people to think a bit more about the hundreds of billions of dollars and the tens of thousands of people who have died. Everybody, right left or center, should be paying attention to this; it's shaping our nation and our world.
Not only was this authorized by Dick Clark himself, but the bin Laden family had also disowned Osama a while back. Do you expect to be detained / questioned it [sic] your disowned nephew, with whom you haven't talked in twenty years, goes and kills someone?
That's not a particularly fair analogy. Consider these questions: How many of the hijackers were Saudis? How much support does bin Laden still have in Saudi Arabia? How much of Al Qaeda's funding comes from Saudi Arabia? Does any of that funding come from his wealthy family? Might one of his family members still be in touch secretly? And could one of his family members remember something that seemed innocuous at the time but could help investigators to find him or shut down the flow of money to him?
I haven't seen the movie yet, but given the post-9/11 sweep to detain for months a large number of people who didn't have anything to do with terrorism, the special treatement they allegedly got seems pretty weird. The excuse that we were worried for their safety doesn't cut it with me. Many of my hyphenated-American friends were rightly worried for their own safety after 9/11, but nobody chartered them special flights.
The fact that you think there is any such thing as a non-biased analysis suggests naivity. Everything is biased, the only question is whether you are biased in the same way.
That's one way to define things. I favor another.
Everybody has a viewpoint, and everybody has opinions. A good writer, like a good scientist, should be able to learn about and write about a topic in an honest way. That doesn't mean that he will necessarily change his opinions or have a different viewpoint, but he will be open to that, and he will convey things in a where even reasonable people who disagree with him can agree that the article was a fair one.
In the US, we don't get much journalism like that. The wire services, who wanted to be able to sell copy to papers no matter their political orientations, pioneered this anemic, analysis-free "objective" reporting, which ends up being facile and thoughtless.
British journalists seem much better at the game. For example, I subscribe to The Economist, which, despite its name, is a British general-audience newsweekly. They have a very clear viewpoint; they're analytical, numbers-oriented, and big fans of free markets and free people. But they generally avoid being dogmatic about it; their articles have a clear viewpoint but they are honestly trying to seek out the truth and to tell you what they see along the way.
I like that better. Honestly, none of us will ever find The Truth, and anybody who thinks they have it is fooling themselves. But for those of us who are really looking, it's nice to have collaborators.
You need to calculate two numbers.
First is your cost. Figure out all the time and money you put into this. Ask yourself questions: What's that time worth to you? What would it have cost if you had paid somebody else to do the work? And so on.
Second is the value that they will receive from using your work. If they sell their 1000 widgets, how much do they make? If they couldn't use your stuff, how much would they make then? If they have exclusive rights to your work, is that more valuable? Et cetera.
Now you can figure out what to charge; it will be between these two numbers. If you manage to charge them more than the value they're getting, this will eventually make them sad; you should always try to cut win/win deals. And if you charge them less than your costs, then eventually you'll go out of business.
Other than that, you haven't really given us enough info to go on. If you want more specific advice, tell us about what you did, who you did it for, why they want it, and so on.
Negotiate payment BEFORE A SINGLE LINE OF CODE IS WRITTEN. Your contract starts with a MINIMUM amount, which MAY INCREASE depending on the work involved in the project. Don't EVER give the client a chance to screw you, BECAUSE THEY WILL.
If you do business with people who will screw you just because you can, you're fucked no matter what contracts you have. Even if you have 100% airtight agreements written by the world's best lawyers, a malicious client can make your life a living hell. As my lawyer says, "They can sue you for anything they want. Eventually you'll win, but that can take a long time."
Instead, do business with people you like and trust. Then, as you suggest, get everything in writing up front. The main benefit isn't the ability to have a court enforce things; the benefit is that everything's clearly spelled out while things are still sunny. That makes getting through the storms much easier.
Yep: get a lawyer. Also, don't ask for legal advice on Slashdot.
If that's what they're asking for, that would be a problem. However, they're asking for business advice.
Once they have an idea of what kind of deal they want to cut, they should then go talk to a lawyer about how to put together the documents. A good lawyer will also help raise issues that they may not have thought of.
But walking into a lawyer's office before you know what you want can get awfully expensive. Asking here is perfectly appropriate.
Spam Assassin, while a very clever program, is as misdirected as the "Canned Spam" legislation. It has no effect on the real economics of spam: who pays for it.
I'm not sure why so many people on Slashdot think this, but when you have a good idea, it doesn't mean the other ones are bad.
Your idea is good. The cops should indeed go after spammers exactly as you say. However, that won't get all of them. One recent spam I got was sent from Brazil, advertises a site hosted in China, and transfers the money through a company in Latvia. The beneficiaries are probably American, but they may be a little hard to find.
In the meantime, things like SpamAssassin do indeed change the economics of the situation. If people use just a 95%-effective filter, that means the spammers have to send 20x the amount of mail for the same exposure. And to regularly get past the filters, they have to spend much more time crafting their messages and building software. Or they have to pay somebody who specializes in it. Either way, income goes down and costs go up.
The song that people liked to hear the most was "C is for cookie" by the cookie monster.
You might consider trying the speed metal version by the San Francisco band Cookie Mongoloid. I bet it gets a different reaction than the original.
I do have data. My RBL knocks out about 97% of all spam.
Thanks, I already have data that RBLs can help get rid of spam. That's why I use them. I also have data that content-sensitive approaches can help get rid of spam. What I don't have is any data to back up your claim that RBLs are to SpamAssassin's content-related filtering as caviar is to koolaid.
And that's without much maintenance. When I get proactive and start monitoring worm-infected PCs, I can up this rate to 99.5%.
As I said in my original post, I can get the same rates, including the lack of false positives, using a combination approach. I get 99.5+% with minimal maintenance.
If you don't know how to make use of content-related tools like bayesian filters, fine. Don't use them. But I'm telling you that they work great for me as part of a combination approach, and I have the data to back it up.
Without RBLs, your content-based system wouldn't work nearly as well. It's like adding caviar to kool-aid. It might make the drink more paletable, but it's more efficent to cut out the kool-aid.
Well, according to my data, it would work a bit less well. And my data doesn't support your kool-aid analogy at all. Why don't you show us your data? You do have data to back up your claims, right?
Content-based spam filtering is a waste of time. [...] It's a never-ending battle of updating filters and formulas.
I update my SpamAssassin config file once a year or so. This hardly seems burdensome. And generally my updates have to do with which RBLs it uses for assiging point values. Other than that, I use the defaults plus the Bayesian filter.
Since the filter self-trains based in part on the RBL scores, it autoadjusts to new spam. And if you have spamtrap addresses, you can feed those back in, too.
My setup is well over 99% accurate, with no false positives in months.
RBLs WORK.
Yes, and I use those, too. Some I use for outright rejection of connections, and some count toward the spamminess score. As soon as they get the URL-based RBLs working, I'll use those, too. Why wouldn't you use all the tools at your disposal?
So in their tests the machine learning filters start out knowing nothing, but SpamAssassin starts out with its inbuilt ruleset. Not exactly fair.
Perhaps for some definitions of "fair". That strikes me as a reasonable scenario for real-world use, which seems pretty fair to me.
Wait till the spammers decide to spam your whole domain. They can start with aaaaaaaa@yourdomain.com and keep going till they get to zzzzzzzz@yourdomain.com, and your mailserver will accept and pass on every single one of these emails.
Here's my tip: look at your logs take the few hundred most popular guesses for dictionary attacks like this. Now feed those directly in to your spam filter's training input. Now odds are that the spammers will feed several shiny new spams trap for every one that gets through to an actual account.
Every day I get dozens of delivery attempts at an address I used to run a listserver on, which has been invalid since 1998. No human has *ever* been behind that address. The spambags do not care about invalid addresses.
How true. But you can use that against them!
I have several addresses like that. Some were accidentally created for me on other sites by scripts like wpoison. Others are spammer-specific mutations of my real address. And I have a number of old addresses, like special ones generated for Usenet News posts five years back.
Now I feed them all into SpamAssassin's Bayesian classifier. I even looked in my logs to see the 100 most common choices for dictionary attacks and feed those in, too.
Now, thanks to the spammers, I get a lot less spam in my inbox! Yesterday's score was 356 messages fed to the trap, 145 spams in my spam folder, 1 spam in my inbox, and no false positives.