Re: [Asrg] Report-as-Spam header
"John Levine" <johnl@taugh.com> Mon, 11 June 2012 15:00 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 2C2C321F864B for <asrg@ietfa.amsl.com>;
Mon, 11 Jun 2012 08:00:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -108.785
X-Spam-Level:
X-Spam-Status: No, score=-108.785 tagged_above=-999 required=5
tests=[BAYES_40=-0.185, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3,
USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hSG1fZm8+lgI for
<asrg@ietfa.amsl.com>; Mon, 11 Jun 2012 08:00:28 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com
[IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with
ESMTP id DCEA821F864E for <asrg@irtf.org>;
Mon, 11 Jun 2012 08:00:27 -0700 (PDT)
Received: (qmail 73154 invoked from network); 11 Jun 2012 15:00:26 -0000
Received: from leila.iecc.com (64.57.183.34) by mail1.iecc.com with QMQP;
11 Jun 2012 15:00:26 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com;
h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info;
s=4fd6080a.xn--btvx9d.k1206; i=johnl@user.iecc.com;
bh=ek1/omTERjasJUZlDJQ3m5RS7zxX+tEMF3x9tbpm7oU=;
b=sIj4uQ1zsa4s8CKcKoNvLv3uhJfV5+Atw8EaxCKMZXvgi5FEMpWR0iPekzVPuaoVuJpuPfdrZcSqkKiOUYn4GtYEtFUkAFEiBSjtDUyyywoSggzTsBLxm7LC/HCE8e/dkw9n8lPMkcCdc5aC7YScUw4S76OFCxaStTU+vE8UbhE=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com;
h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info;
s=4fd6080a.xn--btvx9d.k1206; olt=johnl@user.iecc.com;
bh=ek1/omTERjasJUZlDJQ3m5RS7zxX+tEMF3x9tbpm7oU=;
b=zFKnb0qS0xUfUXkglpBIivJmtQ/PlOf1ZgyFVNwr9HlszHt22z38gI4FoM72CB+za7gFcUFA28IHiDNylY7sRpL9F58yI9GCkl6+d1GfulnLBWzanQiUiosC1UpjzR+x6AOH49li76Q0+h4wnw45X6t7dGxGYYMzALu8quY+fBA=
VBR-Info: md=iecc.com; mc=all; mv=dwl.spamhaus.org
Date: 11 Jun 2012 15:00:04 -0000
Message-ID: <20120611150004.97523.qmail@joyce.lan>
From: "John Levine" <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <4FD4CAA4.5050006@swiftspirit.co.za>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] Report-as-Spam header
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>,
<mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
<mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jun 2012 15:00:29 -0000
>Has a spam reporting header been considered, similar to the >List-Unsubscribe header in RFC2369? Yes, but I doubt it would be very useful. The problem is that bad guys can add the same headers as good guys, so it would likely be mostly used as a way to deflect complaints away from the ISP to the spammer. There are web control panels that add X-Anti-Abuse headers that I find mostly useful as a high scoring indicator in Spamassassin. You could envision some way to check and see if a reporting header was valid, but if you do that, whatever authority you contacted to check for validity could as easily provide the reporting address directly. The vast majority of ARF reports are sent as part of privately arranged feedback loops, where a sender tells a recipient what its outgoing IPs or DKIM signatures are, and the recipient sends a report when a user marks a message as spam. I also use ARF for unsolicited reports, finding the contact address through a combination of abuse.net and a modest (3000 entry) private list of IP ranges. That works reasonably well, but I'm not sure how well it scales. The question of how to figure out where to send abuse reports has come up many times in the past. You might want to look through the archives and the wiki. R's, John
- [Asrg] Report-as-Spam header Brendan Hide
- Re: [Asrg] Report-as-Spam header SM
- Re: [Asrg] Report-as-Spam header Brendan Hide
- Re: [Asrg] Report-as-Spam header SM
- Re: [Asrg] Report-as-Spam header Alessandro Vesely
- Re: [Asrg] Report-as-Spam header John Levine
- Re: [Asrg] Report-as-Spam header Brendan Hide
- Re: [Asrg] Report-as-Spam header Brendan Hide
- Re: [Asrg] Report-as-Spam header Brendan Hide