Re: [Asrg] We really don't need no stinkin IMAP or POP foram button to M

Ian Eiloart <> Tue, 09 February 2010 11:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C21C73A7357 for <>; Tue, 9 Feb 2010 03:43:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.518
X-Spam-Status: No, score=-2.518 tagged_above=-999 required=5 tests=[AWL=-0.075, BAYES_00=-2.599, SUBJECT_FUZZY_TION=0.156]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id h+wuvMnhz46j for <>; Tue, 9 Feb 2010 03:43:42 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 1282C3A6D48 for <>; Tue, 9 Feb 2010 03:43:41 -0800 (PST)
Received: from ([]:65317) by with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.64) (envelope-from <>) id KXKONB-000A5X-FE for; Tue, 09 Feb 2010 11:45:11 +0000
Date: Tue, 09 Feb 2010 11:44:35 +0000
From: Ian Eiloart <>
To: Anti-Spam Research Group - IRTF <>
Message-ID: <>
In-Reply-To: <>
References: <>
Originator-Info: login-token=Mulberry:01Ww15qsRu5w+ces0MxzPOguwdwYWaBL4z0Hg=;
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Sussex: true
X-Sussex-transport: remote_smtp
Subject: Re: [Asrg] We really don't need no stinkin IMAP or POP foram button to M
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <>
List-Id: Anti-Spam Research Group - IRTF <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 09 Feb 2010 11:43:44 -0000

--On 8 February 2010 15:29:58 +0000 John Levine <> wrote:

>> Except that that doesn't happen much these days. The number of bounces
>> that  I see into my domain is very small compared with even a year ago.
>> What  you're suggesting here would revive that problem in a new form.
> As Steve noted, very few people press the spam button.  It's not a very
> effective way to mailbomb people.

They don't? Well, very few people have a spam button to press. We're hoping 
to change that, aren't we? At least, to open up the possibility that a lot 
more people will have a spam button to press.

Of course, if spam reports are going to innocent third parties, then we'll 
hope you're correct.

>> In fact, my first action will probably be to configure my mail server to
>> remove the abuse-report header on inbound, outbound, and forwarded
>> email.
> Outbound I suppose, but why inbound or forwarded?  Stuff that survives
> your spam filters is considerably more likely to be from a real sender
> than random spam.  And what possible benefit is there to removing a
> forwarder's AR?  You want them to filter their spam better, don't you?

Why inbound? Because I don't want my users sending spam reports to third 
parties based on a header in the spam message. I want them to send the spam 
reports to me. I guess I might make an exception for gmail if the message 
carries a valid DKIM score. But I certainly won't let these headers survive 
unless there's either an SPF pass or a valid DKIM header.

>> Will I add an abuse-report header of my own? Probably not, because
>> that'll  mean (currently) creating a new email domain to collect the
>> reports, trying  to work out a way of filtering the reports from the
>> spam that reaches the  same address. And then doing something with the
>> reports.
> Why do you think you can't just set up an address in an existing domain
> for the reports and put it in the AR header?  The idea of overloading
> the server name as a mail domain was a mistake that we're not doing.

OK, if you're not doing that, then that's fine. I'd be much happier with an 
address in my existing domain, but not a standard address. It has to be one 
that I can choose. It won't accept mail through my MX servers, though. If 
the SMTP submission isn't authenticated, then I won't have any reason to 
believe it's a valid report.

Even then, I'd still rather simply have a flag set in my IMAP server. I 
don't want reports about messages that I never delivered to the mailbox. I 
don't want reports that carry munged copies of the original message. And, I 
don't want users to have to download messages with malware payloads simply 
to report them. I'd like a user to be able to select a number of messages 
and mark them as junk, without having to download them. I don't want them 
running up large mobile bandwidth bills just to report spam. I don't want 
their clients initiating time or cash costly transactions for the mail that 
the users least want to download.

> R's,
> John
> _______________________________________________
> Asrg mailing list

Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see