Page for SpamAssassin developers t collaboratively jot down some ideas:
Questions: SVM and RF?
What's that? (MalteStretz)
trusted networks heuristic:
- doing reverse look-up of HELO, if it matches the user's domain, and forward DNS matches of that matches the IP address, then trust it - does that help? (may be helpful for extending the boundary)
- find an IP that matches exteral MX, know it's external then (probably not as helpful for finding a boundary?)
JustinMason: tried both of these before, expensive in terms of time, requires network lookups to compute trusted network boundary, also I got false negatives! (spams that were "close enough" to the MX record). Also this algo is very similar ot spamcop's.
DanielQuinlan: limit number of messages per sender (from morning talk)
- for Bayes learning to avoid over-training for that user (expiry, rolling over - how?)
- for rescoring process (like this idea)
Some stuff I had in my head for some time, planned some proof-of-conecpts in November (MalteStretz):
Negative rules based on trust-networks.
Some possibilities:
[http://web-o-trust.org/|Web-O-Trust]
- FOAF
- Cross-signed PGP-keys