Re: [Asrg] We really don't need no stinkin IMAP or POP foram button to M

John Levine <johnl@taugh.com> Mon, 08 February 2010 15:28 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 71E4C3A7414 for <asrg@core3.amsl.com>; Mon, 8 Feb 2010 07:28:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -13.267
X-Spam-Level:
X-Spam-Status: No, score=-13.267 tagged_above=-999 required=5 tests=[AWL=-3.977, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, RDNS_DYNAMIC=0.1, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0bnwtZ9w2NOA for <asrg@core3.amsl.com>; Mon, 8 Feb 2010 07:28:57 -0800 (PST)
Received: from gal.iecc.com (64.57.183.53.lightlink.com [64.57.183.53]) by core3.amsl.com (Postfix) with ESMTP id 1FDBB3A73EE for <asrg@irtf.org>; Mon, 8 Feb 2010 07:28:57 -0800 (PST)
Received: (qmail 2267 invoked from network); 8 Feb 2010 15:29:59 -0000
Received: from mail1.iecc.com (208.31.42.56) by mail1.iecc.com with QMQP; 8 Feb 2010 15:29:59 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding; s=k1002; olt=johnl@user.iecc.com; bh=A3RMUtqpYkyJS7gOFSLHZbVZ/SM2dfb5JUfTZ/+erv4=; b=C9lRg2q7SQoSgJEwAV48f3/VMRy6LPFumkuOlgqa8MuKNh5ZHAZf6yGwRDFj8rt9oTMw3Q1QUHVs1Ri0Qdg/KlCB5V6R1+yPnrs4cMsPUd3w60311c1RUu6de7UUhstwkoCt+RpPRjTYVEGo4KSLESHjcYrVau+aKTaMWznuE5s=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding; s=k1002; bh=A3RMUtqpYkyJS7gOFSLHZbVZ/SM2dfb5JUfTZ/+erv4=; b=QOIaXoVn0n2NGgGysNOSFX1LIK5phsBt5WZdvBEn/TBtOi5lT8M4WucG+Uho0FfNg0nl4/XX70Lp6C915QEEvvw+25MprVYvCLcCzhTAB90UYewVyTkRHKexeRa/rPspBUvHZ4PMWcKHtAazHXPPSJqeIFEL1nrCWQNtZtyOQec=
Date: Mon, 08 Feb 2010 15:29:58 -0000
Message-ID: <20100208152958.55376.qmail@simone.iecc.com>
From: John Levine <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <F27F2C6E565C064CA23EB925@lewes.staff.uscs.susx.ac.uk>
Organization:
Cc:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="iso-8859-1"
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] We really don't need no stinkin IMAP or POP foram button to M
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Feb 2010 15:28:58 -0000

>Except that that doesn't happen much these days. The number of bounces that 
>I see into my domain is very small compared with even a year ago. What 
>you're suggesting here would revive that problem in a new form.

As Steve noted, very few people press the spam button.  It's not a very
effective way to mailbomb people.

>In fact, my first action will probably be to configure my mail server to 
>remove the abuse-report header on inbound, outbound, and forwarded email. 

Outbound I suppose, but why inbound or forwarded?  Stuff that survives
your spam filters is considerably more likely to be from a real sender
than random spam.  And what possible benefit is there to removing a
forwarder's AR?  You want them to filter their spam better, don't you?

>Will I add an abuse-report header of my own? Probably not, because that'll 
>mean (currently) creating a new email domain to collect the reports, trying 
>to work out a way of filtering the reports from the spam that reaches the 
>same address. And then doing something with the reports.

Why do you think you can't just set up an address in an existing domain
for the reports and put it in the AR header?  The idea of overloading
the server name as a mail domain was a mistake that we're not doing.

R's,
John