Re: [Asrg] We don't need no stinkin IMAP or POP, was Adding a spam button to MUAs

Daniel Feenberg <> Sat, 06 February 2010 22:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0868A3A6827 for <>; Sat, 6 Feb 2010 14:03:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.285
X-Spam-Status: No, score=-6.285 tagged_above=-999 required=5 tests=[AWL=-0.158, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_MILLIONSOF=0.315, SUBJECT_FUZZY_TION=0.156, UNPARSEABLE_RELAY=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rN9xtEjaN80M for <>; Sat, 6 Feb 2010 14:03:33 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id B1D2B3A659A for <>; Sat, 6 Feb 2010 14:03:33 -0800 (PST)
Received: from ( []) by (8.14.3/8.13.8) with ESMTP id o16M4QWr029478 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT); Sat, 6 Feb 2010 17:04:26 -0500 (EST) (envelope-from
Received: from (localhost []) by (8.13.8+Sun/8.12.10) with ESMTP id o16M38Wl025619; Sat, 6 Feb 2010 17:03:08 -0500 (EST)
Received: from localhost (Unknown UID 1079@localhost) by (8.13.8+Sun/8.13.8/Submit) with ESMTP id o16M38Vo025616; Sat, 6 Feb 2010 17:03:08 -0500 (EST)
X-Authentication-Warning: Unknown UID 1079 owned process doing -bs
Date: Sat, 6 Feb 2010 17:03:05 -0500 (EST)
From: Daniel Feenberg <>
To: Anti-Spam Research Group - IRTF <>
In-Reply-To: <>
Message-ID: <>
References: <>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.39/RELEASE, bases: 20100206 #3440093, check: 20100206 clean
Subject: Re: [Asrg] We don't need no stinkin IMAP or POP, was Adding a spam button to MUAs
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <>
List-Id: Anti-Spam Research Group - IRTF <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 06 Feb 2010 22:03:35 -0000

On Sat, 6 Feb 2010, John Levine wrote:

>> We've been talking about using DNS for some of the signalling.  You
>> could specify a "_report.<mailstore hostname>" TXT record that specifies
>> the address (which isn't necessarily in the mailstore's domain) to send
>> it _and_ its very existence shows that the mailstore provider supports
>> the functionality (and thus the TiS button gets enabled).
> Right.  It would be a SRV record, but close enough.
> I'm still worried about name overloading.  Never in the history of POP
> or IMAP has the name of the server been anything other than a handle
> to the the IP address to which to connect.  If your server has
> multiple names, or no name, that has no effect on its operation.
> Here's a concrete example, a customer of mine who uses the hosted mail
> service at Tucows:
> $ dig a
>	294	IN	CNAME
> 3594 IN A
> $ dig a
>	300	IN	CNAME
> 3590 IN A
> Their POP and IMAP servers have thousands of different names, one for
> each hosting customer.  If we do a DNS hack, each of those thousands
> of customers has to add something to its DNS.  If we do something
> where the MDA adds a header, one software upgrade would make it work
> for everyone.
> This is a common way to set up a mail system for hosting services.  So
> you tell me, which approach is "simpler"?

1) If you have thousands of email domains, then perhaps they are generated
    mechanically, and a small change of code would create thousands of MX

2) There is always the wildcard, at least in Bind, which would make it a
    one line change.

3) The existence of a handful of sites where implementation would be work
    is hardly a reason to make additional works for millions of sites with
    a single domain.

4) The resistance to adoption will come chiefly from MUA vendors. MTA
    operators may be lax in using the information, but at least some
    of them will process the submissions. Getting even a single widely
    used MUA to adopt this would be a major accomplishment.

Daniel Feenberg

> R's,
> John
> _______________________________________________
> Asrg mailing list