[Asrg] An "ideal" false positive (TMGRS take 2)

[Alessandro Vesely <vesely@tana.it>]

Alice reports as spam a message from Bob, either by mistake or out of 
curiosity. Statistically irrelevant as this fact is, ignoring it will 
convey the impression that TIS buttons represent a somewhat garbled 
functionality. What should happen in an ideal case?

IMHO: The abuse report (AR) is received by Alice's server --the one 
responsible for receiving. This server determines that the message had 
been sent by Bob's server --the one responsible for sending. Assume 
that Alice's server trusts Bob's one, then the former may forward the 
AR to the latter. Bob had authenticated himself for sending that 
message, hence his server can send him a warning that he shouldn't 
have sent spam, with the AR attached. The readable text in the ARF may 
mention the trust chain. In this case, it is Bob who determines that 
this AR is an FP. He may ask for human inspection of the message, 
unless Alice retracts her report. IOW, human inspection of spam is 
only required in case of dispute.

Does this shed some light on the role of an external service? 
Normally, if Alice and Bob have different domains, there is no trust 
relationship between their servers. Therefore, Alice's server should 
route the AR through the trusted external service that vouched for 
Bob's server. No vouch, no FBL.

I think the "external service" /is/ the MGRS. All what it has to know 
is that Bob's server is not a bot nor a spammer, although some users 
there may occasionally fall into temptation. By monitoring all ARs 
concerning a given MTA, it can ascertain whether its postmaster do 
stop local spammers: it can both track individual ESMTPSA senders, and 
determine the spam rate against the number of /good/ VBR DNS lookups. 
The rest is policy (how does an MTA assess new users, how it stops bad 
senders, how it solves disputes) and protocol (how to avoid multiple 
FBLs in case of multiple vouchers, how to track mailing list 
subscriptions, et cetera.)