Re: [Asrg] Iteration #3.

Dave CROCKER <dhc@dcrocker.net> Sun, 07 February 2010 17:00 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F2283A7236 for <asrg@core3.amsl.com>; Sun, 7 Feb 2010 09:00:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.573
X-Spam-Level:
X-Spam-Status: No, score=-6.573 tagged_above=-999 required=5 tests=[AWL=0.026, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o+wwfszjfEad for <asrg@core3.amsl.com>; Sun, 7 Feb 2010 09:00:25 -0800 (PST)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by core3.amsl.com (Postfix) with ESMTP id 6F6973A6C1F for <asrg@irtf.org>; Sun, 7 Feb 2010 09:00:25 -0800 (PST)
Received: from [192.168.1.43] (adsl-68-122-70-87.dsl.pltn13.pacbell.net [68.122.70.87]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id o17H1Inc006845 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 7 Feb 2010 09:01:23 -0800
Message-ID: <4B6EF1DE.8070405@dcrocker.net>
Date: Sun, 07 Feb 2010 09:01:18 -0800
From: Dave CROCKER <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <4B6C6D35.1050101@nortel.com> <Pine.GSO.4.62.1002060114540.11995@spaz.oit.wmich.edu> <4B6DA82A.5080008@nortel.com> <Pine.GSO.4.62.1002062028030.11995@spaz.oit.wmich.edu> <Pine.GSO.4.64.1002070712530.12859@nber6.nber.org>
In-Reply-To: <Pine.GSO.4.64.1002070712530.12859@nber6.nber.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV 0.92/10363/Sun Feb 7 05:50:54 2010 on sbh17.songbird.com
X-Virus-Status: Clean
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Sun, 07 Feb 2010 09:01:24 -0800 (PST)
Cc: Daniel Feenberg <feenberg@nber.org>
Subject: Re: [Asrg] Iteration #3.
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: dcrocker@bbiw.net, Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Feb 2010 17:00:26 -0000

On 2/7/2010 4:16 AM, Daniel Feenberg wrote:
> For this reason the MTA operator would probably want to discard messages
> to the arf reporting address unless they were submitted via the MSA
> submission port, or came from inside the MTA operators own network.


The question of differentiating between reports that come from within the 
operator's trust boundary, versus from outside of it, is certainly reasonable to 
worry about for a reporting mechanism like this.

Exactly how to resolve that question might be easy or difficult, probably 
depending upon tradeoffs between false rejection of reports vs. false acceptance 
of them...

For some environment, I'd expect your simple rule to be entirely adequate.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net