Re: [Asrg] Spam button scenarios
Ian Eiloart <iane@sussex.ac.uk> Tue, 09 February 2010 15:10 UTC
Return-Path: <iane@sussex.ac.uk>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 00E653A73D8 for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 07:10:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.506
X-Spam-Level:
X-Spam-Status: No, score=-2.506 tagged_above=-999 required=5 tests=[AWL=-0.063, BAYES_00=-2.599, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IE0F8LcIIiFf for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 07:10:53 -0800 (PST)
Received: from sivits.uscs.susx.ac.uk (sivits.uscs.susx.ac.uk [139.184.14.88]) by core3.amsl.com (Postfix) with ESMTP id B72BC3A7549 for <asrg@irtf.org>; Tue, 9 Feb 2010 07:10:53 -0800 (PST)
Received: from lewes.staff.uscs.susx.ac.uk ([139.184.135.133]:61419) by sivits.uscs.susx.ac.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.64) (envelope-from <iane@sussex.ac.uk>) id KXKY90-000D8I-5G for asrg@irtf.org; Tue, 09 Feb 2010 15:12:36 +0000
Date: Tue, 09 Feb 2010 15:11:59 +0000
From: Ian Eiloart <iane@sussex.ac.uk>
Sender: iane@sussex.ac.uk
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <0BF553ABE600903AE55F0E89@lewes.staff.uscs.susx.ac.uk>
In-Reply-To: <20100208150513.49394.qmail@simone.iecc.com>
References: <20100208150513.49394.qmail@simone.iecc.com>
Originator-Info: login-token=Mulberry:01nC8++wWQrGDdnJJdCFUPpLFuAqdfVf9VEZo=; token_authority=support@its.sussex.ac.uk
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Sussex: true
X-Sussex-transport: remote_smtp
Subject: Re: [Asrg] Spam button scenarios
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2010 15:10:55 -0000
--On 8 February 2010 15:05:13 +0000 John Levine <johnl@taugh.com> wrote: >>>> A) User has multiple incoming accounts, presses the spam button, and >>>> the outbound MSA doesn't match the incoming account. Hence the report >>>> goes via unrelated third parties that might snoop on it. Do we care? >>>> The user has said it's spam, after all. >>>> >>> >>> The user trusts his good outgoing mail to that MTA - why should she not >>> trust her spam to the same MTA? >> >> It's a different case. We're sending email to an address at that MTA, >> and drawing attention to it. >> >> The main problem here, though, is that the user thinks they're reporting >> spam, but in fact they're generating it. > > No, no. I was assuming that the user was sending reports to a reasonable > address, not one made up from the name it uses to find its POP or IMAP > server. And not one found in a header in a spam message, either, I hope. >(See other threads for why that's hopeless.) The question is > whether it's a problem that the spam report takes a detour through someone > else's mail system on its way. There are two possibilities here: The user retrieves a message from our mailstore, and attempts to use a third party address to report it. We'll not likely take much notice of reports from addresses outside our domain, that are purporting to have knowledge of what's on our mailstore. If the message isn't still on our mailstore, there won't be an easy way to verify that it ever was - and there certainly won't be an easy way to verify that the message in the report is unmodified. The user retrieves a message from our mailstore, and attempts to use an address in our domain to report it to us, but submitted through a third party MSA. We'll simply reject the message on the basis that we don't permit such traffic onto our MX servers. We won't even look at the message body. Either way, the report won't be actioned. -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/
- Re: [Asrg] Spam button scenarios Steve Atkins
- [Asrg] Spam button scenarios John R. Levine
- Re: [Asrg] Spam button scenarios Daniel Feenberg
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Andreas Saurwein Franci Gonçalves
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Alessandro Vesely
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Derek Diget
- Re: [Asrg] Spam button scenarios Martijn Grooten
- Re: [Asrg] Spam button scenarios der Mouse
- Re: [Asrg] Spam button scenarios Bill Weinman
- Re: [Asrg] Spam button scenarios Chris Lewis
- Re: [Asrg] Spam button scenarios Seth
- Re: [Asrg] Spam button scenarios Steve Atkins
- Re: [Asrg] Spam button scenarios Martijn Grooten
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Ian Eiloart
- [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Chris Lewis
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Chris Lewis
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart