Re: [Asrg] CRI Header
waltdnes@waltdnes.org Wed, 11 June 2003 02:54 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA27409 for <asrg-archive@odin.ietf.org>; Tue, 10 Jun 2003 22:54:44 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5B2sLX18042 for asrg-archive@odin.ietf.org; Tue, 10 Jun 2003 22:54:21 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5B2sKB18039 for <asrg-web-archive@optimus.ietf.org>; Tue, 10 Jun 2003 22:54:20 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA27402; Tue, 10 Jun 2003 22:54:14 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Pvid-0004Ba-00; Tue, 10 Jun 2003 22:52:11 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19Pvid-0004BX-00; Tue, 10 Jun 2003 22:52:11 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5B2qUB17952; Tue, 10 Jun 2003 22:52:30 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h5B2p2B17910 for <asrg@optimus.ietf.org>; Tue, 10 Jun 2003 22:51:02 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA27306 for <asrg@ietf.org>; Tue, 10 Jun 2003 22:50:56 -0400 (EDT)
From: waltdnes@waltdnes.org
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19PvfR-0004AI-00 for asrg@ietf.org; Tue, 10 Jun 2003 22:48:53 -0400
Received: from dci.doncaster.on.ca ([66.11.168.194] helo=smtp.istop.com) by ietf-mx with esmtp (Exim 4.12) id 19PvfQ-00049z-00 for asrg@ietf.org; Tue, 10 Jun 2003 22:48:53 -0400
Received: from waltdnes.org (ip2-165.tor.istop.com [66.11.165.2]) by smtp.istop.com (Postfix) with SMTP id 43895369B7 for <asrg@ietf.org>; Tue, 10 Jun 2003 22:50:23 -0400 (EDT)
Received: by waltdnes.org (sSMTP sendmail emulation); Tue, 10 Jun 2003 22:50:39 +4400
To: ASRG list <asrg@ietf.org>
Subject: Re: [Asrg] CRI Header
Message-ID: <20030611025039.GA1809@m433>
References: <01C32D56.08AC8FF0.eric@infobro.com> <MBEKIIAKLDHKMLNFJODBOEBEFIAA.eric@purespeed.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <MBEKIIAKLDHKMLNFJODBOEBEFIAA.eric@purespeed.com>
User-Agent: Mutt/1.4.1i
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 10 Jun 2003 22:50:39 -0400
On Sun, Jun 08, 2003 at 10:47:00AM -0400, Eric Dean wrote > I'm pretty sure that it's clear we should move forward with proposing > a new RFC2822 header. If a BOF wants to throw an X in front of > it, then so be it. I'll proceed br producing a draft with real > 2822-type headers. > > However, if someone out there is interested, we could interoperate > in the meantime using X or optional headers as well as with proposed > 2822 headers Has any consideration been given to doing this at the SMTP stage rather than as part of DATA: ? E.g. an EHLO which tries to negotiate a set of features, including CHRE:. If the destination MTA says "Yes, I do CHRE:", then do a "CHRE:" step just after the "RCPT:" step. Advantages to this include... 1) Spam runs from compromised home machines (Jeem.pv and Guzu) with forged "From:" addresses don't mailbomb innocent 3rd parties if rejected at SMTP time. 2) Yes, I realize that the ISP's MTA will have to keep state information regarding the luser's preferences. However, it comes down to either a) ISP's server doing it (maybe luser enters pre-emptive whitelist/blocklist via web interface), or b) luser administering it on his own MUA (Aunt Ethel or your parents, yeah sure) 3) Clients can change MUA's, restore backed-up drives, format and re-install, access email via web interface or laptop or handheld, etc, etc, without worrying about replicating/propagating a small distributed database over several client MUA's and devices. An XML structure to download and upload settings would also be nice for synchronizing multiple accounts at different ISPs. 4) This would require changes in MTA rather than MUA. The top 10 or twenty ISP's on the planet probably have 100,000,000 customers. Questions a) is it going to be easier to implement changes at a couple of dozen locations (plus multiple redundant MTAs) or a hundred million locations (multiplied by the number of devices/MUA's the clients use to access their email) ? b) as per 2-b) do you expect Aunt Ethel to be competent to download and install updated MUA's ? Hint, consider how many people use the default browser/mailer/newsreader that came with their OS. 5) Doing C/R via embedded headers means having to accept the entire email, because headers are part of DATA:. This uses additional bandwidth, even if the destination MTA issues a 550. 6) Which is going to to impose more load on an MTA a) handling an extra stage in the SMTP negotiation b) accepting the entire email and parsing the entire body looking for C/R headers 7) What about mailing lists (like this one for instance) that use b0rken 2-bit defaults where hitting "r" to reply sends a reply not to the list but to the individual sender ? How difficult is it to insert a "Reply-To:" header? How are MUAs going to handle Envelope-From. Don't talk to me about "Return-Path:". Many ISPs don't generate this on incoming email, many MUAs don't use it, and your Aunt Ethel doesn't know what it is, let alone the difference between "MAIL FROM:" and "From:". BTW, for those who despise b0rken mailing-list software, here is the answer, via procmail. Generate your own "Reply-To:" header... :0 fhw * ^X-BeenThere:.*asrg@ietf\.org * !^Reply-To: asrg@ietf\.org | formail -i "Reply-To: asrg@ietf.org (ASRG list)" ISP-wide implementations that send challenges via regular email address some, but not all of the above issues. -- Walter Dnes <waltdnes@waltdnes.org> Email users are divided into two classes; 1) Those who have effective spam-blocking 2) Those who wish they did _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- RE: [Asrg] CRI Header Eric Dean
- RE: [Asrg] CRI Header Eric D. Williams
- Re: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Eric Dean
- RE: [Asrg] CRI Header Vernon Schryver
- RE: [Asrg] CRI Header Yakov Shafranovich
- Re: [Asrg] CRI Header Tony Hansen
- RE: [Asrg] CRI Header Eric D. Williams
- Re: [Asrg] CRI Header Dave Aronson
- RE: [Asrg] CRI Header Yakov Shafranovich
- Re: [Asrg] CRI Header Yakov Shafranovich
- Re: [Asrg] CRI Header Tony Hansen
- Re: [Asrg] CRI Header Yakov Shafranovich
- Re: [Asrg] CRI Header Tony Hansen
- RE: [Asrg] CRI Header Eric Dean
- RE: [Asrg] CRI Header Eric D. Williams
- RE: [Asrg] CRI Header Eric Dean
- Re: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header bukys
- RE: [Asrg] CRI Header Eric Dean
- RE: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Peter Kay
- RE: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Yakov Shafranovich
- Re: [Asrg] CRI Header waltdnes
- Re: [Asrg] CRI Header Yakov Shafranovich
- Re: [Asrg] CRI Header waltdnes
- RE: [Asrg] CRI Header Eric D. Williams
- Re: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Eric D. Williams
- RE: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Eric D. Williams
- RE: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Yakov Shafranovich
- RE: [Asrg] CRI Header Eric D. Williams
- RE: [Asrg] CRI Header Eric D. Williams