mkettler at EVI-INC.COM
Mon Jan 5 20:29:59 GMT 2004
At 01:12 PM 1/5/2004, Julian wrote:
> >Any suggestions?
>Don't use it. It has been proved to be easy to subvert. I keep forgetting
>to remove it from MailScanner altogether.
Agreed.. it's useful in some cases, but it's a bit questionable in
MailScanner where per-user databases aren't used.
Fortunately somewhere in 2.5x or 2.6x they mitigated the most severe issue,
which was the ALL_SPAM_TO score-smearing issue. Basically all
white/blacklists and GTUBE are handled after the AWL, and don't wind up
pumping it's scores up and down.
The only remaining issue with the AWL is one I discussed in private with
Justin Mason (SA developer), and it was agreed that it's unlikely to be
I still have some reservations because if spammers start using the
technique I theorized it will be a gigantic pain in everyone's butt, not
just AWL users. (Which is also why I'm not going to discuss this issue in
detail except with the developers as I've already done. I'm a fan of full
disclosure if it's helpful to sysadmins in general, but the details here
aren't really useful to anyone other than the SA developers and spammers. )
I remain a non-fan of the AWL, at least not as a "default on" option, but
it's not nearly as bad as it once was, and it's not likely to be abused
hurtful ways, even with MailScanner.
More information about the MailScanner