Re: [Asrg] Adding a spam button to MUAs

"Chris Lewis" <clewis@nortel.com> Wed, 03 February 2010 16:25 UTC

Return-Path: <CLEWIS@nortel.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D56028C0EE for <asrg@core3.amsl.com>; Wed, 3 Feb 2010 08:25:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.521
X-Spam-Level:
X-Spam-Status: No, score=-6.521 tagged_above=-999 required=5 tests=[AWL=-0.078, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xR0BKWwp7JUB for <asrg@core3.amsl.com>; Wed, 3 Feb 2010 08:25:19 -0800 (PST)
Received: from zrtps0kp.nortel.com (zrtps0kp.nortel.com [47.140.192.56]) by core3.amsl.com (Postfix) with ESMTP id A9C0C28C123 for <asrg@irtf.org>; Wed, 3 Feb 2010 08:25:18 -0800 (PST)
Received: from zrtphxs1.corp.nortel.com (casmtp.ca.nortel.com [47.140.202.46]) by zrtps0kp.nortel.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id o13GPj120988 for <asrg@irtf.org>; Wed, 3 Feb 2010 16:25:47 GMT
Received: from zrtphx5h0.corp.nortel.com ([47.140.202.65]) by zrtphxs1.corp.nortel.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 3 Feb 2010 11:25:42 -0500
Received: from [47.129.150.21] (47.129.150.21) by zrtphx5h0.corp.nortel.com (47.140.202.65) with Microsoft SMTP Server (TLS) id 8.1.340.0; Wed, 3 Feb 2010 11:25:42 -0500
Message-ID: <4B69A37E.3020803@nortel.com>
Date: Wed, 3 Feb 2010 11:25:34 -0500
From: "Chris Lewis" <clewis@nortel.com>
Organization: Nortel
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Lightning/0.9 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20100201145903.30670.qmail@simone.iecc.com> <3741B85B916D847C703F2724@lewes.staff.uscs.susx.ac.uk> <A50C736E-EE14-4213-B99D-DD58C669FDAC@blighty.com> <100201092326.ZM5487@torch.brasslantern.com> <4B67ADC2.4080204@nortel.com> <1265090468.19504.22.camel@darkstar.netcore.co.in> <e0c581531002021629r1c54c2bdy8d550c410497f677@mail.gmail.com> <6ED765A6FA316CD5CB3ABAF9@lewes.staff.uscs.susx.ac.uk>
In-Reply-To: <6ED765A6FA316CD5CB3ABAF9@lewes.staff.uscs.susx.ac.uk>
Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 03 Feb 2010 16:25:42.0527 (UTC) FILETIME=[87C130F0:01CAA4ED]
Subject: Re: [Asrg] Adding a spam button to MUAs
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2010 16:25:20 -0000

Ian Eiloart wrote:

> This is one reason to support an IMAP extension.

There's no reason not to.  The important thing to realize at this stage 
is the basic principles an implementation of a "standard spam button" 
thing should support: multiple reporting mechanisms, specifiable 
destinations, and a couple flavours of content.

Discussions over whether there should be IMAP, POP, SMTP, NTP, DNS, 
HTTP, NNTP, or whatever mechanisms is largely irrelevant at this stage. 
  A recognition that there should be provision for more than one is the 
useful bit.  The important bit right now is the signalling and things 
like, who can specify, whether one can override, whether multiple 
destinations is desired.

 > If the communication is between the authenticated user and the
 > IMAP server, then there doesn't seem to be room for abuse of the
 > abuse reporting mechanism.

Given the rise of AUTH hijacking in current use for spamming, you have 
to pay attention even here, and I'm sure the miscreants will come up 
with something.  Senders would like to be able to specify.  Meaning that 
the local report destination has to be able to handle that forwarding. 
Meaning there are potential vulnerabilities.

Eg: scum spammer inserting instructions to forward complaints as a DOS 
to an innocent third party.