What I /do/ believe will be a great improvement is p2p sharing of the filtered tokens, regexps et al. I discussed this on IRC lately, and Morbus had some great ideas on this.
First of all it should be shared over a closed XML feed. We can use drupalIds and a special role to secure the sharing (we don't want spammers to learn from our tokens). Both peers need to confirm sharing. If I remove something on my side, the XML feed must dictate (or propose) deletion on the other sides too. Otherwise it would be an ever growing blob.
Exactly. Restating:

a) SiteA and SiteB both want to share their spam filters.
b) user@SiteA signs up at SiteB site; user@SiteB does the opposite.
c) both users configure their site to accept "trusted" spam filters from the user of the other site. if either user hates each other one day, they can just remove this trusted link, and their site will no longer accept (new/deleted) spam filters from that user.
d) user@SiteA configures his spam filters to be "uploaded to SiteB under the login user@SiteA"; user@SiteB does the same.
e) whenever a spam filter changes, Drupal's distributed auth kicks in: SiteA distributed-auths to SiteB as user@SiteA, and uploads the new spam filters. Since SiteB has trusted user@SiteA (in step c, above), the spam filters are processed. If SiteB does not trust this user, the spam filters are ignored.

The distributed auth part is important and removes the need for cryptographic keys like in PGP (it doesn't, however, remove the man in the middle attack - someone could still intercept the distributed auth and delete/add their own malicious filters. however, this possibility ALREADY exists in Drupal's distributed auth system, so it's not anything new).

The distributed auth is also important because it is blatantly obvious spammers do their research: they know about Bayesian filters, so they send out garbage text to try and confuse them. They know about Spamassassin rulesets, so they tweak their mailers specifically to circumvent them. They know about RBLs, so they piggyback off of installed trojans. With distributed auth, the rulesets are ONLY known between the trusted sites - there's no public sharing of them for spammers to learn from and adapt. Likewise, each group of trusted sites will have different rulesets.

--
Morbus Iff ( you are nothing without your robot car, NOTHING! )
Culture: http://www.disobey.com/ and http://www.gamegrene.com/
Spidering Hacks: http://amazon.com/exec/obidos/ASIN/0596005776/disobeycom
icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus
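
The receiving side of steps c) to e) above, as an added example that is not part of the original messages and is not Drupal code. The feed element names, the `FilterReceiver` class and the rule that a peer may only delete filters it supplied itself are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample feed; the element and attribute names are assumptions.
SAMPLE_FEED = """<filters>
  <filter op="add">v[i1]agra</filter>
  <filter op="add">casino-bonus</filter>
  <filter op="delete">local-only</filter>
</filters>"""

class FilterReceiver:
    """Receiving site (SiteB in the thread); a model, not Drupal code."""

    def __init__(self):
        self.trusted = set()   # remote logins whose uploads are accepted (step c)
        self.filters = {}      # pattern -> login that supplied it

    def process_upload(self, auth_login, feed_xml):
        """Apply a feed uploaded under auth_login.

        auth_login must come from the authentication layer, never from the
        feed body, otherwise any uploader could claim a trusted identity.
        """
        result = {"accepted": False, "added": 0, "deleted": 0, "skipped": 0}
        if auth_login not in self.trusted:
            return result                  # untrusted: ignored, not even parsed
        result["accepted"] = True
        for node in ET.fromstring(feed_xml).iter("filter"):
            pattern, op = (node.text or "").strip(), node.get("op")
            if op == "add" and pattern and pattern not in self.filters:
                self.filters[pattern] = auth_login
                result["added"] += 1
            elif op == "delete" and self.filters.get(pattern) == auth_login:
                # Assumption: a peer may only delete filters it supplied.
                del self.filters[pattern]
                result["deleted"] += 1
            else:
                result["skipped"] += 1
        return result

if __name__ == "__main__":
    site_b = FilterReceiver()
    site_b.filters["local-only"] = "local"
    print(site_b.process_upload("user@SiteA", SAMPLE_FEED))  # not trusted yet
    site_b.trusted.add("user@SiteA")
    print(site_b.process_upload("user@SiteA", SAMPLE_FEED))
```

Scoping deletions to the uploader's own filters limits what an intercepted or abused trusted login can remove, which bounds the man-in-the-middle case mentioned above.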