[Spambayes] Just for one time a personal message to you

Tue Jun 14 09:34:00 CEST 2005

Hi Richie,

The LSP is actually quite a complicated thing indeed. Fortunately we have an
LSP specialist that build it for us. We have one of those LSPs that is not
buggy ;) Google Desktop Search for example however is a "buggy" LSP.
Currently we are changing our LSP so it will follow the rules of those buggy
LSPs when necessary. That way we end up with quite a stable solution. But
it's lots of highly specialised work.

I believe other applications indeed integrate at an even lower level (like
Symantec Antivirus) however this is much more complicated and it's hard to
find programmers that understand it.

Because of the competitative advantage the LSP gives us, we will not release
the LSP part opensource for now. There maybe a construction possible in
which we create a binairy that can be used by SpamBayes, I'll discuss this
with Tony. 

Btw we're not considering LSPs .. we're using one ;)

For those interested, SpamPal did opensource their LSP code. We tried to
start building from this, but that turned out to be too complicated (since
it's all integrated). Therefore we hired an LSP specialist. The SpamPal code
could still be an option though for one of you guys to try.
___
Dreas van Donselaar
CIO & co-founder

SpamExperts
Postbus 309
6200 AH Maastricht 
The Netherlands

F: +31 (0)842203930
E: aj.vandonselaar at spamexperts.com
W: http://www.spamexperts.com/

-----Original Message-----
From: Richie Hindle [mailto:richie at entrian.com] 
Sent: dinsdag 14 juni 2005 9:09
To: spambayes at python.org; Dreas van Donselaar
Subject: Re: [Spambayes] Just for one time a personal message to you

Tony, Dreas,

> OTOH, the SpamExperts guys have indicated that they intend to 
> contribute back code to SpamBayes, so maybe a LSP-enabled SpamBayes 
> may turn up in the future.

I did once investigate the LSP approach for Spambayes, but I gave up because
the LSP system has a fatal flaw.  Each LSP is required to contain many
hundreds of lines of boilerplate code, which Microsoft ships as a sample.
To write an LSP, you modify their sample.  But older versions of the sample
were buggy with respect to chaining on to other LSPs.  There are products in
the wild that are based on those buggy samples, and even a perfect LSP won't
work if it gets installed onto a machine with one these buggy LSPs on it.
The buggy LSP works perfectly as long as it's the only non-Microsoft LSP on
the system.  Users will inevitably blame the new LSP rather than the old one
when things break.

I wish I knew the extent of the problem, or could name some of these buggy
programs, or could give you an official reference, but all I remember is
that I found this out and gave up on the idea.

I believe that a lot of network-hooking applications tend to use other
techniques (API hooking or network drivers) than LSPs.  I don't have any
evidence to back that up - it's a gut feeling derived from reading around
the subject.

(Dreas, sorry if this is bad news - I didn't know you were considering LSPs.
It may be that these days the problem is negligible - it was a couple of
years ago that I looked at this.)

--
Richie Hindle
richie at entrian.com