From time to time, I like to reflect upon my own personal strengths and weaknesses. I may be a spam fighter, but I’m also a professional working within Microsoft and I want grow my entire asset base of skills, not just in spam analysis.
You know how on interview coaching, they say to you "If you’re ever asked one of your weaknesses, give one of your strengths that if overdone, could be a weakness"? For example, you could say "Sometimes I work too hard" which is overdoing dedication to the job. It’s kind of a way of weaseling out of the question.
Well, in my case, one of my weaknesses truly is one of my strengths. I’ve been analyzing and fighting spam for 4 years and I’m very familiar with our own processes. I’ve evaluated blocklists, regular expressions, fingerprinting engines and some Bayesian filters. Because of this, I have a real knack for knowing what will work and what won’t without having to do any analysis. Much of the time, additional analysis confirms what I already knew.
The problem is I tend to get very irritated when I get pushback from people on antispam strategies who don’t have my level of expertise. If I think it will work, then it will probably work. I can usually see the end points pretty clearly in my head even if all the details aren’t there. For example, for the past two weeks I have been trying to get a new spam filter in place. I have personally done all the back end work and also evaluated the potential spam catch rate and false positive rate. Yet when it comes time to get it deployed, I get pushback because we need to do more false positive evaluation.
"Dudes," I say, "we’ve done all reasonable evaluation. Doing more will confirm what I already know — FPs will be minimal and the preliminary analysis that I have already done suggests this!" But it’s not good enough, we have to do more just to be safe.
Safety is a real concern. Nobody champions false positive evasion within our spam filtering service more than me. No one. For me, one FP is too many. But when I personally research a new filter, do all the work to get it up and running and do what I think is a very reasonable FP analysis (we can’t analyze 200,000 mails per day, but we can look at IP history and reverse DNS entries), requiring more annoys me. I may be taking things too personally, I suppose, but in my view we are wasting about a week’s time to do analysis that I strongly believe will not change our minds or add anything of significant value. There’s a whole lot of spam we could be stopping in that interim period.
<sigh>… I also think this illustrates one of my other weaknesses — the inability to get people to jump on board to my solutions.