Notes on the CEAS

Here's a round up of my random thoughts on the CEAS:

1. The stuff on image spam detection was interesting, but it's a little late.  Spammers have moved on to other tricks.

2. Speaking of the stuff on image spam, the false positive rates were very high so as to render the techniques impractical in a real world environment.  A 4% false positive rate renders a technique non-useful in real life.  Frankly, a filter component has to have an FP rate of at least 1/10,000.

3. The brief history of Postfix was interesting.

4. Well, wouldn't you know it - it turns out that filters that train on global data (mail) perform *much* better than filters trained on personal mail.

5. Interesting factoid: Spammers are sending fewer messages per recipient than they used to.  This is a reversal in the trend in earlier years when they sent the same message to a lot of recipients.

6. The top 10 brands account for 85% of phished sites (eBay, Paypal, etc).

7. 99% of trackbacks on blogs are spam and when it comes to blog spam, two narrow IP ranges host most splogs.

8. Even though SenderID and SPF fail on email forwarding, it's not a huge problem because it is rarer than people think.