Re: [Asrg] We don't need no stinkin IMAP or POP, was Adding a spam button to MUAs

Michael Thomas <mike@mtcc.com> Sat, 06 February 2010 17:42 UTC

Return-Path: <mike@mtcc.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 449203A70CC for <asrg@core3.amsl.com>; Sat, 6 Feb 2010 09:42:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.443
X-Spam-Level:
X-Spam-Status: No, score=-2.443 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rQFiqcO8oSVl for <asrg@core3.amsl.com>; Sat, 6 Feb 2010 09:42:26 -0800 (PST)
Received: from mtcc.com (mtcc.com [64.142.29.208]) by core3.amsl.com (Postfix) with ESMTP id 24E603A6D95 for <asrg@irtf.org>; Sat, 6 Feb 2010 09:42:26 -0800 (PST)
Received: from piolinux.mtcc.com (206-104-215-159.volcano.net [206.104.215.159] (may be forged)) (authenticated bits=0) by mtcc.com (8.14.3/8.14.3) with ESMTP id o16HhJmd007579 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <asrg@irtf.org>; Sat, 6 Feb 2010 09:43:20 -0800
Message-ID: <4B6DAA35.4060105@mtcc.com>
Date: Sat, 06 Feb 2010 09:43:17 -0800
From: Michael Thomas <mike@mtcc.com>
User-Agent: Thunderbird 2.0.0.14 (X11/20080501)
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20100206143422.26746.qmail@simone.iecc.com> <4B6DA714.3040402@nortel.com>
In-Reply-To: <4B6DA714.3040402@nortel.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1751; t=1265478201; x=1266342201; c=relaxed/simple; s=thundersaddle.kirkwood; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=mtcc.com; i=mike@mtcc.com; z=From:=20Michael=20Thomas=20<mike@mtcc.com> |Subject:=20Re=3A=20[Asrg]=20We=20don't=20need=20no=20stink in=20IMAP=20or=20POP,=20was=20Adding=20a=20spam=0A=20button= 20to=20MUAs |Sender:=20 |To:=20Anti-Spam=20Research=20Group=20-=20IRTF=20<asrg@irtf .org> |Content-Type:=20text/plain=3B=20charset=3DISO-8859-1=3B=20 format=3Dflowed |Content-Transfer-Encoding:=207bit |MIME-Version:=201.0; bh=4bbmZiUDya//eYi00PsPomVQq8lTJTcSg+r6KisgVbA=; b=HgcWx56+47YOG5DThRX9mffdYW+DcuqFzl7i9ZYECtqNvaVQsKrxTgsHew mFJKe6iBUmZhfOHe9g2+o6aNzlPa2eREhuEjL/wgTYg46EnUA9ZFOxg7SU+i piC1wIr+xIdP5RE+YUQumFvIJZxMzJgUjQP98HGgTe3F62aan99g0=;
Authentication-Results: ; v=0.1; dkim=pass header.i=mike@mtcc.com ( sig from mtcc.com/thundersaddle.kirkwood verified; ); dkim-asp=pass header.From=mike@mtcc.com
Subject: Re: [Asrg] We don't need no stinkin IMAP or POP, was Adding a spam button to MUAs
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Feb 2010 17:42:27 -0000

Pardon me since I haven't been paying complete attention, but is there 
any assumption that the
mail store itself is the one that you'd be shipping these arf reports 
to? Given that a lot of them
are Exchange which typically have little to do with anti-spam, that 
wouldn't be a very good
assumption.

Mike, sorry if I'm restating the obvious

Chris Lewis wrote:
> John Levine wrote:
>>> Make the ARF reporting address a configurable option, but default it 
>>> to a role account at the email domain of the machine from which 
>>> incoming mail is obtained.
>>
>> Now it's not opt-in by the mailstore provider.
>
> We need to have it self-configuring if the mailstore provides the 
> service.  Which either means a standard role account for it, or, some 
> way for the mailstore to tell the UA what address to use.
>
> IOW: pure user configurable doesn't do that.
>
> In-stream configuration (via MDA or MTA) would work, but it requires 
> the MDA/MTA be modified.  Which we're avoiding.
>
> We've been talking about using DNS for some of the signalling.  You 
> could specify a "_report.<mailstore hostname>" TXT record that 
> specifies the address (which isn't necessarily in the mailstore's 
> domain) to send it _and_ its very existence shows that the mailstore 
> provider supports the functionality (and thus the TiS button gets 
> enabled).
>
> Now, if the TXT record doesn't exist, we could suggest that the user 
> could set their own abuse report destination.  But I'd rather not get 
> into a situation where the user overrides the mailstore's explicit 
> choice.
>
> _______________________________________________
> Asrg mailing list
> Asrg@irtf.org
> http://www.irtf.org/mailman/listinfo/asrg