Firetrust Support Forums

Hi all,

Are there plans on improving the FirstAlert system ?

There has been some discussion on improvements, both in making reporting false positives easier and in giving it a weighted say in the spam detection scheme instead of the current yes/no situation.

There was some discussion a while back on giving users a "trust" score so the ones that did an excellent job of reporting got their reports sent directly to the database to speed detection for others and for the poor reporters that were making errors their reports could be given a more thorough review before being added to the database. There was also some discussion of how many reports should be needed before the database starts identifying similar messages as spam.

I think most of this is on hold until it is seen how the new weighting system works out as that could make much of it unnecessary.

stan_qaz wrote:There has been some discussion on improvements, both in making reporting false positives easier and in giving it a weighted say in the spam detection scheme instead of the current yes/no situation.

There was some discussion a while back on giving users a "trust" score so the ones that did an excellent job of reporting got their reports sent directly to the database to speed detection for others and for the poor reporters that were making errors their reports could be given a more thorough review before being added to the database. There was also some discussion of how many reports should be needed before the database starts identifying similar messages as spam.

I think most of this is on hold until it is seen how the new weighting system works out as that could make much of it unnecessary.

Ok, truely hope some of those enhancements will be integrated in the next revision of the system ...

There will be some tweaking with the new version, the biggest issue right now is that any spam email over 200 lines requires a MW user to report the email to us, if it comes through from our MW Server users or our honeypots it will never match for MW users as those systems store the entire email, not just the 200 lines used by MW.

rusticdog wrote:There will be some tweaking with the new version, the biggest issue right now is that any spam email over 200 lines requires a MW user to report the email to us, if it comes through from our MW Server users or our honeypots it will never match for MW users as those systems store the entire email, not just the 200 lines used by MW.

And could it be possible to include other criterias tan subject and message content to identify message as spam in the FirstAlert system ?
What about messages which have similarity between them (similar subject but different content or diferent subject and ...)...

There is already some logic in there, so the messages don't need to match exactly.

I don't know what the exact rate is, but say for example a message you check against FirstAlert matches a message we have in the system by 80%, then it will be considered spam. We will also probably look at adding support for checking URLs with FirstAlert as well

rusticdog wrote:There is already some logic in there, so the messages don't need to match exactly.

I don't know what the exact rate is, but say for example a message you check against FirstAlert matches a message we have in the system by 80%, then it will be considered spam. We will also probably look at adding support for checking URLs with FirstAlert as well

Ok, so let's see what will it become ...