Re: [Asrg] Spam button scenarios
Alessandro Vesely <vesely@tana.it> Mon, 08 February 2010 14:30 UTC
Return-Path: <vesely@tana.it>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B232A3A6D86 for <asrg@core3.amsl.com>; Mon, 8 Feb 2010 06:30:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.324
X-Spam-Level:
X-Spam-Status: No, score=-4.324 tagged_above=-999 required=5 tests=[AWL=-0.361, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, J_CHICKENPOX_34=0.6, RCVD_IN_DNSWL_MED=-4, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZhyhlvV3eE6O for <asrg@core3.amsl.com>; Mon, 8 Feb 2010 06:30:40 -0800 (PST)
Received: from wmail.tana.it (www.tana.it [62.94.243.226]) by core3.amsl.com (Postfix) with ESMTP id 4A5BF3A6DA9 for <asrg@irtf.org>; Mon, 8 Feb 2010 06:30:40 -0800 (PST)
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 515, TLS: TLS1.0,256bits,RSA_AES_256_CBC_SHA1) by wmail.tana.it with ESMTPSA; Mon, 08 Feb 2010 15:31:41 +0100 id 00000000005DC031.000000004B70204D.000024F5
Message-ID: <4B70204C.10307@tana.it>
Date: Mon, 08 Feb 2010 15:31:40 +0100
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1
MIME-Version: 1.0
To: asrg@irtf.org
References: <alpine.BSF.2.00.1002080111310.16135@simone.lan>
In-Reply-To: <alpine.BSF.2.00.1002080111310.16135@simone.lan>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] Spam button scenarios
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Feb 2010 14:30:41 -0000
On 08/Feb/10 07:28, John R. Levine wrote: > Here's some scenarios in which I'm not sure what the best thing is to do. > > A) User has multiple incoming accounts, presses the spam button, and the > outbound MSA doesn't match the incoming account. Hence the report goes > via unrelated third parties that might snoop on it. Do we care? The user > has said it's spam, after all. We care that reports get lost. However, picking the wrong MSA should at most result in a suboptimal delivery path. Was the destination address correct? > B) Assume a model in which the spam reporting address is determined per > account, e.g., fetched from the POP or IMAP server via an extension. The > user for whatever reason moves a message from account A into the IMAP > mailbox for account B and then hits the spam button, which sends the > report to B, even though the message was from A. Do we care? It's the > user's fault, although I can think of some simple configurations that > would cause that, e.g., MUA based spam filter that puts all the junk > into the Junk folder on the first IMAP account. Assume the MUA doesn't track moving the message. Using A-R fields, it would find the one from A, but since it is not trusted on B's mailbox the MUA shouldn't use it. Alternatively, the MUA can determine the validity of the top A-D field when it downloads the message. That would be useful for displaying A-R icons in message listing panes. And, it would allow to report the message as spam --to the right server-- even after it has been moved to a different account. > C) I have a Gmail account and a Yahoo account. The Gmail account is set > up to fetch my Yahoo mail so I can see it all in one place. I use > Gmail's IMAP server to read my mail. (I really do this, by the way.) I > hit the spam button. Who should get the report? > > 1) Gmail since that's who I picked it up from > 2) Yahoo since that's where the spam was sent > 3) Gmail but they should also forward the report to Yahoo By symmetry, #3. But what A-R fields do you get in messages transferred that way? If I had Authentication-Results: mx.google.com; spf=pass (google.com: domain of vesely@tana.it designates 62.94.243.226 as permitted sender) smtp.mail=vesely@tana.it then I would report to abuse@mx.google.com --I currently cannot, because there's no such domain. Is there any report on current A-R usage?
- Re: [Asrg] Spam button scenarios Steve Atkins
- [Asrg] Spam button scenarios John R. Levine
- Re: [Asrg] Spam button scenarios Daniel Feenberg
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Andreas Saurwein Franci Gonçalves
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Alessandro Vesely
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Derek Diget
- Re: [Asrg] Spam button scenarios Martijn Grooten
- Re: [Asrg] Spam button scenarios der Mouse
- Re: [Asrg] Spam button scenarios Bill Weinman
- Re: [Asrg] Spam button scenarios Chris Lewis
- Re: [Asrg] Spam button scenarios Seth
- Re: [Asrg] Spam button scenarios Steve Atkins
- Re: [Asrg] Spam button scenarios Martijn Grooten
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Ian Eiloart
- [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Chris Lewis
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Chris Lewis
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart