Re: why not doing a test that checks "name"-<email address> pairs

Aag_uk wrote on Fri, 17 Aug 2007 23:58:05 -0700 (PDT):

> >b) requires LDAP, NIS, etc., so that SpamAssassin can have a clue
> >about your accounts;
> >c) requires competent fuzzy matching so that, when a user sends mail
> >to "Chris St. Pierre <stpierre@nebrwesleyan.edu>", it doesn't flag it
> >as spam because my "real name" is Christopher;
> >d) is prone to FPs, since its the clients who add that name, and it
> >could be literally _anything_ ("chris", "some guy", "", etc.) without
> >being spam; and
>
> My idea was that you could have a list that links each recipient to possible
> names that could be used (basically first name, surname and possibly a short
> name), not necesary NIS or LDAP. About fuzzy matching I think it shouldn't
> be difficult to do. It´s something like what Google does when you misspell
> something or enter something that is not "usual", it suggests you another
> search and, in my opinion, its guess is usually very good.

You don't understand at all. What gets put in the comment is up to the sender. They can put *everything* there and it's legit. You do not control it at all and you do not send them a reply "please change my name in your addressbook to xyz". It can be the name, a part of the name, several parts of the name, reverted parts of the name, a company name in all its variations, an acronym, misspelled, something like "Tony's brother", the email address, quoted or bracketed in several ways, could be nothing - too show a few. Such a rule would be prone to a huge number of FPs. It may work for you after a lot of work, but not for others. It's not worth it.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: 
http://www.conactive.com