Re: [Asrg] RFC5451 Re: who gets the report, was We really don't need

"Chris Lewis" <clewis@nortel.com> Mon, 08 February 2010 20:14 UTC

Return-Path: <CLEWIS@nortel.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3C11D3A70FB for <asrg@core3.amsl.com>; Mon, 8 Feb 2010 12:14:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.535
X-Spam-Level:
X-Spam-Status: No, score=-6.535 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HRBLFVZjNcDk for <asrg@core3.amsl.com>; Mon, 8 Feb 2010 12:14:16 -0800 (PST)
Received: from zrtps0kp.nortel.com (zrtps0kp.nortel.com [47.140.192.56]) by core3.amsl.com (Postfix) with ESMTP id 3C0C73A682A for <asrg@irtf.org>; Mon, 8 Feb 2010 12:14:16 -0800 (PST)
Received: from zrtphxs1.corp.nortel.com (casmtp.ca.nortel.com [47.140.202.46]) by zrtps0kp.nortel.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id o18KFE612082 for <asrg@irtf.org>; Mon, 8 Feb 2010 20:15:14 GMT
Received: from zrtphx5h0.corp.nortel.com ([47.140.202.65]) by zrtphxs1.corp.nortel.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 8 Feb 2010 15:14:59 -0500
Received: from [47.130.64.86] (47.130.64.86) by zrtphx5h0.corp.nortel.com (47.140.202.65) with Microsoft SMTP Server (TLS) id 8.1.340.0; Mon, 8 Feb 2010 15:14:58 -0500
Message-ID: <4B7070AF.2050304@nortel.com>
Date: Mon, 8 Feb 2010 15:14:39 -0500
From: "Chris Lewis" <clewis@nortel.com>
Organization: Nortel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Lightning/0.9 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20100208153359.56374.qmail@simone.iecc.com> <20100208164237.389722425C@panix5.panix.com> <4B704FFC.8040306@tana.it> <4B7059C9.2060102@nortel.com> <BB012BD379D7B046ABE1472D8093C61C01C3C452A4@EXCH-C2.corp.cloudmark.com>
In-Reply-To: <BB012BD379D7B046ABE1472D8093C61C01C3C452A4@EXCH-C2.corp.cloudmark.com>
Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 08 Feb 2010 20:14:59.0054 (UTC) FILETIME=[635960E0:01CAA8FB]
Subject: Re: [Asrg] RFC5451 Re: who gets the report, was We really don't need
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Feb 2010 20:14:18 -0000

Murray S. Kucherawy wrote:
>> -----Original Message-----
>> From: asrg-bounces@irtf.org [mailto:asrg-bounces@irtf.org] On Behalf Of
>> Chris Lewis
>> Sent: Monday, February 08, 2010 10:37 AM
>> To: Anti-Spam Research Group - IRTF
>> Subject: [Asrg] RFC5451 Re: who gets the report, was We really don't
>> need
>>
>> Could we not do this by extending 5451 semantics to have a "where to
>> complain to" cause?
> 
> That might work, if there's a reliable way to get that information and relay it to MUAs.

It's a header in the email, so, and I think most thick clients (suitable 
for implementing the sending of a report) will already have it. 
Webmails, for example, would implement it server-end not (directly) in 
the browser.

> Are you talking about an internal destination for spam reports (e.g. your IT group), or an external one (e.g. abuse@domain)?

Either.  If you have an AR header you trust, there's no reason to refuse 
it giving you an external destination.  Question is, how do we tell it's 
trusted, or do we care (especially with a site that's not 5451 aware)?

If we pitch it towards RFC5451-aware sites, and they pre-strip all 
non-locally originated AR headers (as permitted by RFC5451), there's no 
issue.  Are the sites that won't be a big enough concern?  Dunno.