Making product names of what you use visible to people is generally a mistake

September 28, 2020

For years, we've used Sophos PureMessage as the major part of our overall spam filtering. I don't mention specific product names very often for various reasons, but it's now harmless because Sophos is dropping PureMessage (also). We were already planning to almost certainly replace PureMessage for reasons other than this, but Sophos's decision to move to a cloud based service model forces our hand.

(We actually have the replacement more or less planned out and will likely start switching away from PureMessage very soon.)

As part of our overall filtering (and as standard in a lot of environments), we've set it up so that messages that are considered sufficiently spammy have a tag at the start of the Subject: header. People can then do their own filtering (in procmail or these days in their IMAP mail client) based on that tag, and various other pieces of our mail system also change their behavior if a message's Subject: has been marked this way. The specific tag we use is thus a well known and fundamentally fixed part of our overall mail environment; changing it would require configuration changes across our systems and force people to change their own mail setups, to their annoyance.

The tag we chose, almost fifteen years ago, was (and is) '[PMX:SPAM]'. This was chosen because 'PMX' is the common abbreviation for 'PureMessage' (used in Sophos's documentation, among other places), and we thought that '[SPAM]' was a bit too generic and likely to be added to Subject: headers by other places before the messages got to us.

If things go as expected, in a few months we won't be using Sophos PureMessage any more, and 'PMX' will mean nothing. But I can confidently predict that in ten years, our mail system will still be tagging sufficiently spammy email with '[PMX:SPAM]' (if we still have a mail system at all, and we probably will).

This is not the first time I've made the mistake of burning product names (software or hardware) into things that are visible to people, and it probably won't be the last time, either. Doing this is even a famous sysadmin mistake for hostnames (many '<x>vax' hosts lived on for years past when they were in fact DEC VAXes). But still, hopefully I can learn something from this and maybe do better for the next time around.

PS: There are clever transition plans like adding a second, more generic tag and then deprecating the first one over the course of many years, but they're not worth it. The other lesson is that sometimes you just shrug and live with the odd name long after you're using a software product or a particular type of hardware. It can even become a part of local folklore.

Written on 28 September 2020.
« Looking at DKIM information for our 'good' email (September 2020 edition)
My likely path away from spinning hard drives on my home desktop »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Mon Sep 28 17:02:48 2020
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.