Re: [Asrg] We really don't need no stinkin IMAP or POP foram button to M

Ian Eiloart <iane@sussex.ac.uk> Tue, 09 February 2010 11:43 UTC

Return-Path: <iane@sussex.ac.uk>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C21C73A7357 for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 03:43:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.518
X-Spam-Level:
X-Spam-Status: No, score=-2.518 tagged_above=-999 required=5 tests=[AWL=-0.075, BAYES_00=-2.599, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h+wuvMnhz46j for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 03:43:42 -0800 (PST)
Received: from sivits.uscs.susx.ac.uk (sivits.uscs.susx.ac.uk [139.184.14.88]) by core3.amsl.com (Postfix) with ESMTP id 1282C3A6D48 for <asrg@irtf.org>; Tue, 9 Feb 2010 03:43:41 -0800 (PST)
Received: from lewes.staff.uscs.susx.ac.uk ([139.184.135.133]:65317) by sivits.uscs.susx.ac.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.64) (envelope-from <iane@sussex.ac.uk>) id KXKONB-000A5X-FE for asrg@irtf.org; Tue, 09 Feb 2010 11:45:11 +0000
Date: Tue, 09 Feb 2010 11:44:35 +0000
From: Ian Eiloart <iane@sussex.ac.uk>
Sender: iane@sussex.ac.uk
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <37C514C23BD83694B2AC8A7F@lewes.staff.uscs.susx.ac.uk>
In-Reply-To: <20100208152958.55376.qmail@simone.iecc.com>
References: <20100208152958.55376.qmail@simone.iecc.com>
Originator-Info: login-token=Mulberry:01Ww15qsRu5w+ces0MxzPOguwdwYWaBL4z0Hg=; token_authority=support@its.sussex.ac.uk
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Sussex: true
X-Sussex-transport: remote_smtp
Subject: Re: [Asrg] We really don't need no stinkin IMAP or POP foram button to M
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2010 11:43:44 -0000

--On 8 February 2010 15:29:58 +0000 John Levine <johnl@taugh.com> wrote:

>> Except that that doesn't happen much these days. The number of bounces
>> that  I see into my domain is very small compared with even a year ago.
>> What  you're suggesting here would revive that problem in a new form.
>
> As Steve noted, very few people press the spam button.  It's not a very
> effective way to mailbomb people.

They don't? Well, very few people have a spam button to press. We're hoping 
to change that, aren't we? At least, to open up the possibility that a lot 
more people will have a spam button to press.

Of course, if spam reports are going to innocent third parties, then we'll 
hope you're correct.

>
>> In fact, my first action will probably be to configure my mail server to
>> remove the abuse-report header on inbound, outbound, and forwarded
>> email.
>
> Outbound I suppose, but why inbound or forwarded?  Stuff that survives
> your spam filters is considerably more likely to be from a real sender
> than random spam.  And what possible benefit is there to removing a
> forwarder's AR?  You want them to filter their spam better, don't you?

Why inbound? Because I don't want my users sending spam reports to third 
parties based on a header in the spam message. I want them to send the spam 
reports to me. I guess I might make an exception for gmail if the message 
carries a valid DKIM score. But I certainly won't let these headers survive 
unless there's either an SPF pass or a valid DKIM header.

>
>> Will I add an abuse-report header of my own? Probably not, because
>> that'll  mean (currently) creating a new email domain to collect the
>> reports, trying  to work out a way of filtering the reports from the
>> spam that reaches the  same address. And then doing something with the
>> reports.
>
> Why do you think you can't just set up an address in an existing domain
> for the reports and put it in the AR header?  The idea of overloading
> the server name as a mail domain was a mistake that we're not doing.

OK, if you're not doing that, then that's fine. I'd be much happier with an 
address in my existing domain, but not a standard address. It has to be one 
that I can choose. It won't accept mail through my MX servers, though. If 
the SMTP submission isn't authenticated, then I won't have any reason to 
believe it's a valid report.

Even then, I'd still rather simply have a flag set in my IMAP server. I 
don't want reports about messages that I never delivered to the mailbox. I 
don't want reports that carry munged copies of the original message. And, I 
don't want users to have to download messages with malware payloads simply 
to report them. I'd like a user to be able to select a number of messages 
and mark them as junk, without having to download them. I don't want them 
running up large mobile bandwidth bills just to report spam. I don't want 
their clients initiating time or cash costly transactions for the mail that 
the users least want to download.

> R's,
> John
> _______________________________________________
> Asrg mailing list
> Asrg@irtf.org
> http://www.irtf.org/mailman/listinfo/asrg



-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/