[Asrg] more validation methods, was spam down?

Alessandro Vesely <vesely@tana.it> Mon, 04 February 2013 11:34 UTC

Return-Path: <vesely@tana.it>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6F7721F8473 for <asrg@ietfa.amsl.com>; Mon, 4 Feb 2013 03:34:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.269
X-Spam-Level:
X-Spam-Status: No, score=-3.269 tagged_above=-999 required=5 tests=[AWL=-1.150, BAYES_50=0.001, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3poFIVbOx9fY for <asrg@ietfa.amsl.com>; Mon, 4 Feb 2013 03:34:46 -0800 (PST)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) by ietfa.amsl.com (Postfix) with ESMTP id 2DF2121F8467 for <asrg@irtf.org>; Mon, 4 Feb 2013 03:34:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=beta; t=1359977682; bh=HF7AXVXiTPIXCrSyNH/pjLKrEPeUXne+0liB9wW+9w8=; l=994; h=Date:From:To:References:In-Reply-To; b=qJeq5YCA8KGc6ye2WCwgMFzgOrWioyBmEBz9vzZwH2cCu+8q7DlLNYKUVykvjnKj3 W2yIIeJlDMPEYTwD4qdd++lNZpZjcefdSeJWLcE1OXrTcuTYPz0Oq+JXo4HtpT0+BH vF2GuaBeZxlL6cPQkra1JP4nBflBJNSzesVWXQds=
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLSv1/SSLv3,256bits,AES256-SHA) by wmail.tana.it with ESMTPSA; Mon, 04 Feb 2013 12:34:42 +0100 id 00000000005DC02B.00000000510F9CD2.0000530E
Message-ID: <510F9CD2.9060207@tana.it>
Date: Mon, 04 Feb 2013 12:34:42 +0100
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: asrg@irtf.org
References: <5103DC4E.4090004@mtcc.com> <5103FE36.7010908@mustelids.ca> <CAJ4XoYdNpbeONbgR5unjNrMHtSv-302Kq7ycWZ559yoE4E1ZOw@mail.gmail.com> <51093ED6.9010401@mustelids.ca>
In-Reply-To: <51093ED6.9010401@mustelids.ca>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: [Asrg] more validation methods, was spam down?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Feb 2013 11:34:47 -0000

On Wed 30/Jan/2013 16:40:06 +0100 Chris Lewis wrote:
> 
> Validation is so irrelevant that the spammers impersonate sites when
> it's clearly unnecessary.  They use their facebook impersonation
> templates to send out pill spam for crissakes.  If validation was making
> a difference, the ROI would suffer.  I can only guess it isn't.

That seems to be true, sadly.

Looking at myself, the reason why I don't use authentication results
is because so few messages bear any.  If they covered a significant
percentage of messages (and spam), I'd use the data in those A-R
header fields to send complaints, implementing RFC 6650, according to
the discussions we already had.

A way to enlarge the covered base is to add more authentication
methods.  For example, "dnswl" would be quite similar to "vbr",
"iprev" is already defined, "rdap" is a promising new feature.  By
adding those, I'd expect it will become fairly difficult to find
messages with no authentication at all.  Correct?