train on viruses?
Bill McClain
wmcclain at salamander.com
Tue Feb 24 20:56:37 CET 2004
On Tue, 24 Feb 2004 11:24:27 -0800
"Chris Fortune" <cfortune at telus.net> wrote:
> What are the pros and cons of training bogofilter with virus emails?
I run both viruses and virus-blowback messages through bogofilter with
good results.
> 1. Does it fill up the wordlist with unneccessary tokens?
I don't think so. The attachments themselves are skipped.
> 2. Does it prejudice bogofilter against all emails that have
> executable attachments?
Maybe; I don't get legitimate executable attachments. I suspect the
other tokens would be enough to distinguish good from bad.
> 3. What about polymorphic viruses?
I think I was gone that day.
> 4. How accurate? How many instances would it need to be accurate?
I don't have data, but my experience is that training was very quick.
-Bill
--
Sattre Press In the Quarter
http://sattre-press.com/ by Robert W. Chambers
info at sattre-press.com http://sattre-press.com/itq.html
More information about the Bogofilter
mailing list