Re: [Asrg] ARF traffic, was Spam button scenarios
"Chris Lewis" <clewis@nortel.com> Tue, 09 February 2010 22:51 UTC
Return-Path: <CLEWIS@nortel.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CE0A53A7633 for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 14:51:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.46
X-Spam-Level:
X-Spam-Status: No, score=-6.46 tagged_above=-999 required=5 tests=[AWL=-0.017, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U7RAK+wAsvJt for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 14:51:00 -0800 (PST)
Received: from zcars04e.nortel.com (zcars04e.nortel.com [47.129.242.56]) by core3.amsl.com (Postfix) with ESMTP id C284C3A7631 for <asrg@irtf.org>; Tue, 9 Feb 2010 14:50:59 -0800 (PST)
Received: from zrtphxs1.corp.nortel.com (casmtp.ca.nortel.com [47.140.202.46]) by zcars04e.nortel.com (Switch-2.2.0/Switch-2.2.0) with ESMTP id o19Mq4I05619 for <asrg@irtf.org>; Tue, 9 Feb 2010 22:52:04 GMT
Received: from zrtphx5h0.corp.nortel.com ([47.140.202.65]) by zrtphxs1.corp.nortel.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 9 Feb 2010 17:52:03 -0500
Received: from [47.130.80.167] (47.130.80.167) by zrtphx5h0.corp.nortel.com (47.140.202.65) with Microsoft SMTP Server (TLS) id 8.1.340.0; Tue, 9 Feb 2010 17:52:03 -0500
Message-ID: <4B71E6FC.4080400@nortel.com>
Date: Tue, 09 Feb 2010 17:51:40 -0500
From: Chris Lewis <clewis@nortel.com>
Organization: Nortel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Lightning/0.9 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20100208150513.49394.qmail@simone.iecc.com> <0BF553ABE600903AE55F0E89@lewes.staff.uscs.susx.ac.uk> <4B718E2A.5070304@tana.it> <D0AC3DDE-3995-4EE9-9914-30E2831BAE22@blighty.com> <4B71A3D8.40401@tana.it> <4B71A96D.8060909@nortel.com> <4B71B575.7050107@tana.it>
In-Reply-To: <4B71B575.7050107@tana.it>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 09 Feb 2010 22:52:03.0781 (UTC) FILETIME=[7F565750:01CAA9DA]
Subject: Re: [Asrg] ARF traffic, was Spam button scenarios
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2010 22:51:00 -0000
Alessandro Vesely wrote: > On 09/Feb/10 19:29, Chris Lewis wrote: >> Alessandro Vesely wrote: >>> form abuse@domain is standardized by rfc 2142. Some people (e.g. >>> Abusix) may plan to send machine generated complaints at such addresses. >> And they'll learn very very soon that that doesn't work. >> >> Been there/done that in a limited fashion, and even in that limited >> fashion, it don't work. > > Why not, _what_ goes wrong? The extant methods for determining where abuse reports are (a) usually wrong or missing and we're not going to bail that ocean, (b) insufficiently granular (both report types, but worse, breakdowns of space to responsible parties, ie resellers) and (c) without aggregation, too high volume even for automation. Abuse@example.com is for reports of abuse originating _at_ abuse@example.com, not for reports of abuse (eg: spam) originating elsewhere that example.com's users want to report. In other words, our TiS should _not_ go to abuse@nortel.com. It goes elsewhere. If I changed my mind for convenience, I wouldn't change the TiS to go to abuse@nortel.com, I'd change the mail system to alias it. I did some experimentation with automatic aggregation and hand-configured destinations for a small fraction of reports. That worked somewhat, but not worth the effort to keep touching the config. > It seems to me that a simple filter could determine ARF/non-ARF > quality of a message in a fraction of the time that spamassassing > would take to process it, assuming abuse@ boxes are whitelisted. A single bot run could fill up the abuse box so quickly that a "simple filter" can't do anything about it. For the rare occasion that you want your TiS button goes to abuse@<you>, a simple forwarding alias is far easier than the more common circumstance of having to construct some sort of content filter to split ARFs from non-ARFs. And less likely to completely break down during a flood.
- Re: [Asrg] Spam button scenarios Steve Atkins
- [Asrg] Spam button scenarios John R. Levine
- Re: [Asrg] Spam button scenarios Daniel Feenberg
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Andreas Saurwein Franci Gonçalves
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Alessandro Vesely
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Derek Diget
- Re: [Asrg] Spam button scenarios Martijn Grooten
- Re: [Asrg] Spam button scenarios der Mouse
- Re: [Asrg] Spam button scenarios Bill Weinman
- Re: [Asrg] Spam button scenarios Chris Lewis
- Re: [Asrg] Spam button scenarios Seth
- Re: [Asrg] Spam button scenarios Steve Atkins
- Re: [Asrg] Spam button scenarios Martijn Grooten
- Re: [Asrg] Spam button scenarios John Levine
- Re: [Asrg] Spam button scenarios Ian Eiloart
- Re: [Asrg] Spam button scenarios Ian Eiloart
- [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Chris Lewis
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Steve Atkins
- Re: [Asrg] ARF traffic, was Spam button scenarios Chris Lewis
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Alessandro Vesely
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart
- Re: [Asrg] ARF traffic, was Spam button scenarios Ian Eiloart