Re: [Asrg] Some data on the validity of MAIL FROM addresses

Vernon Schryver <vjs@calcite.rhyolite.com> Wed, 21 May 2003 00:27 UTC

From: Vernon Schryver <vjs@calcite.rhyolite.com>
Message-Id: <200305210024.h4L0OE5v001653@calcite.rhyolite.com>
To: asrg@ietf.org
Subject: Re: [Asrg] Some data on the validity of MAIL FROM addresses
References: <Pine.LNX.4.44.0305201546370.1694-100000@entropy.galcit.caltech.edu>
Date: Tue, 20 May 2003 18:24:14 -0600

> From: Michael Rubel <asrg@mikerubel.org>


> ...
> That's right, I'm saying that where SMTP status codes leak useful
> information about your system or your filters back to the spammer, they are
> obsolete.

What information about your system or filters is leaked to the spammer
by SMTP status codes that is not leaked by DSNs?  What information is
leaked by status codes regardless of whether it is leaked by DSNs?

Of that leaked information, which cannot be protected if you choose
by not saying too much in status messages or DSNs?

> ...
> We don't disagree here.  I have no problem with SMTP responses that do not
> leak information.  It's the ones that leak information I have a problem
> with.  DSN's only leak information if a spammer gives his true return
> address, and can be implemented so as to leak it very slowly....

What is that leaked information?

> ...
> Can you think of a good reason *not* to hold off on sending a DSN until
> the final (user's) filtering decision has been made--for example, when the
> message gets dumped in the recipient's "spam" folder?  Apart from the 
> system load argument, that is.

For one thing, some spam has forged sender information.  DSNs for that
spam will be sent to innocent people, clogging their mailboxes, and
worrying them.  People are often quite worried by bounces for mail
they didn't send.

For another, in principle spammers might distribute spam using DSNs, bouncing
millions of messages. 

I wish I didn't suspect you'd fix both of those problems by also turning
off DSNs.


No great crystal ball is needed to know that the consensus among IETF
participants will be to include enough information in DSNs and SMTP
status messages to allow senders to figure out what happened.  This
is not only because too many of us are engineers of various sorts who
have to figure out what went wrong and so value such information.  It
is also because the bread and butter of many of us depends in part on
email.  When your living depends on email, you do not like false
positives from spam filters and you really do not like silent false
positives.


Vernon Schryver    vjs@rhyolite.com
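
A small model of the trade-off argued in this message, added here as an example and not part of the original post: it counts who ends up learning about a "spam" verdict under three handling policies. The policy names, the sample traffic and the simplification that the sending client connects directly to the receiving MTA are assumptions made for the example.

```python
from collections import Counter

# Constructed sample traffic (not from the thread). Each tuple is:
# (envelope MAIL FROM, address really behind the connection, verdict, truly spam?)
SAMPLE = [
    ("alice@example.org", "alice@example.org", "spam", False),       # false positive
    ("victim@example.net", "spammer@bulk.invalid", "spam", True),    # forged sender
    ("victim@example.net", "spammer@bulk.invalid", "spam", True),    # forged sender
    ("spammer@bulk.invalid", "spammer@bulk.invalid", "spam", True),  # true return address
    ("bob@example.com", "bob@example.com", "ham", False),            # delivered normally
]

def notified_party(policy, mail_from, real_sender):
    """Return the address that learns of the failure, or None if nobody does."""
    if policy == "reject_in_session":
        # A 5xx reply goes to the connected client. Assumption: that client is
        # operated by whoever really sent the message (no relay in between).
        return real_sender
    if policy == "accept_then_dsn":
        # A DSN is mailed to the envelope sender, whether it was forged or not.
        return mail_from
    if policy == "accept_then_spam_folder":
        # Message is filed in the recipient's spam folder; nothing is sent back.
        return None
    raise ValueError(f"unknown policy: {policy}")

def evaluate(policy, traffic=SAMPLE):
    """Tally the outcome of every message the filter marked as spam."""
    out = Counter()
    for mail_from, real_sender, verdict, is_spam in traffic:
        if verdict != "spam":
            continue
        who = notified_party(policy, mail_from, real_sender)
        if who is None:
            if not is_spam:
                out["silent_false_positives"] += 1
        elif who != real_sender:
            out["dsns_to_innocent_addresses"] += 1
        elif is_spam:
            out["spammer_informed"] += 1
        else:
            out["false_positives_sender_informed"] += 1
    return dict(out)

if __name__ == "__main__":
    for p in ("reject_in_session", "accept_then_dsn", "accept_then_spam_folder"):
        print(p, evaluate(p))
```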