[Asrg] An "ideal" false positive (TMGRS take 2)
Alessandro Vesely <vesely@tana.it> Thu, 28 January 2010 18:04 UTC
Return-Path: <vesely@tana.it>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 095103A6AB3 for <asrg@core3.amsl.com>; Thu, 28 Jan 2010 10:04:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.884
X-Spam-Level:
X-Spam-Status: No, score=-4.884 tagged_above=-999 required=5 tests=[AWL=-0.165, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6ny+CCSu8vWN for <asrg@core3.amsl.com>; Thu, 28 Jan 2010 10:04:28 -0800 (PST)
Received: from wmail.tana.it (www.tana.it [62.94.243.226]) by core3.amsl.com (Postfix) with ESMTP id 185B13A6AB1 for <asrg@irtf.org>; Thu, 28 Jan 2010 10:04:27 -0800 (PST)
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 515, TLS: TLS1.0,256bits,RSA_AES_256_CBC_SHA1) by wmail.tana.it with ESMTPSA; Thu, 28 Jan 2010 19:04:43 +0100 id 00000000005DC035.000000004B61D1BB.00000C3F
Message-ID: <4B61D1BA.6060807@tana.it>
Date: Thu, 28 Jan 2010 19:04:42 +0100
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [Asrg] An "ideal" false positive (TMGRS take 2)
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jan 2010 18:04:29 -0000
Alice reports as spam a message from Bob, either by mistake or out of curiosity. Statistically irrelevant as this fact is, ignoring it will convey the impression that TIS buttons represent a somewhat garbled functionality. What should happen in an ideal case? IMHO: The abuse report (AR) is received by Alice's server --the one responsible for receiving. This server determines that the message had been sent by Bob's server --the one responsible for sending. Assume that Alice's server trusts Bob's one, then the former may forward the AR to the latter. Bob had authenticated himself for sending that message, hence his server can send him a warning that he shouldn't have sent spam, with the AR attached. The readable text in the ARF may mention the trust chain. In this case, it is Bob who determines that this AR is an FP. He may ask for human inspection of the message, unless Alice retracts her report. IOW, human inspection of spam is only required in case of dispute. Does this shed some light on the role of an external service? Normally, if Alice and Bob have different domains, there is no trust relationship between their servers. Therefore, Alice's server should route the AR through the trusted external service that vouched for Bob's server. No vouch, no FBL. I think the "external service" /is/ the MGRS. All what it has to know is that Bob's server is not a bot nor a spammer, although some users there may occasionally fall into temptation. By monitoring all ARs concerning a given MTA, it can ascertain whether its postmaster do stop local spammers: it can both track individual ESMTPSA senders, and determine the spam rate against the number of /good/ VBR DNS lookups. The rest is policy (how does an MTA assess new users, how it stops bad senders, how it solves disputes) and protocol (how to avoid multiple FBLs in case of multiple vouchers, how to track mailing list subscriptions, et cetera.)
- [Asrg] An "ideal" false positive (TMGRS take 2) Alessandro Vesely
- Re: [Asrg] An "ideal" false positive (TMGRS take … Rich Kulawiec
- Re: [Asrg] An "ideal" false positive (TMGRS take … Ian Eiloart
- Re: [Asrg] An "ideal" false positive (TMGRS take … Alessandro Vesely
- Re: [Asrg] An "ideal" false positive (TMGRS take … Rich Kulawiec
- Re: [Asrg] An "ideal" false positive (TMGRS take … Steve Atkins
- Re: [Asrg] An "ideal" false positive (TMGRS take … Michael Thomas
- Re: [Asrg] An "ideal" false positive (TMGRS take … Rich Kulawiec
- Re: [Asrg] An "ideal" false positive (TMGRS take … der Mouse
- Re: [Asrg] An "ideal" false positive (TMGRS take … Rich Kulawiec
- Re: [Asrg] An "ideal" false positive (TMGRS take … Michael Thomas
- Re: [Asrg] An "ideal" false positive (TMGRS take … Rich Kulawiec
- Re: [Asrg] An "ideal" false positive (TMGRS take … der Mouse
- Re: [Asrg] An "ideal" false positive (TMGRS take … Alessandro Vesely
- Re: [Asrg] An "ideal" false positive (TMGRS take … Ian Eiloart
- Re: [Asrg] An "ideal" false positive (TMGRS take … John Levine
- Re: [Asrg] An "ideal" false positive (TMGRS take … Rich Kulawiec
- Re: [Asrg] An "ideal" false positive (TMGRS take … Alessandro Vesely