IETF Logo Mail Archive

Re: [Asrg] Report-as-Spam header

SM <sm@resistor.net> Mon, 11 June 2012 09:11 UTC

Return-Path: <sm@resistor.net>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C8E621F8535 for <asrg@ietfa.amsl.com>; Mon, 11 Jun 2012 02:11:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.855
X-Spam-Level:
X-Spam-Status: No, score=-101.855 tagged_above=-999 required=5 tests=[AWL=0.745, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XsEFNX4PjNNG for <asrg@ietfa.amsl.com>; Mon, 11 Jun 2012 02:10:56 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1676E21F855B for <asrg@irtf.org>; Mon, 11 Jun 2012 02:10:56 -0700 (PDT)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost [127.0.0.1]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id q5B9AoXj002771 for <asrg@irtf.org>; Mon, 11 Jun 2012 02:10:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1339405854; i=@resistor.net; bh=hITztCYN5hgO9m2ZktTqttZp0xoo6AWVvCpJE4yJoQ4=; h=Date:To:From:Subject:In-Reply-To:References:Cc; b=pSv6CBjsxM3JBgP5Cz53I6twuPzZ33z7JIPY67WCylYJGIeK38Xx2WV8EM0h51fdg xLDGeR8S5xWhmhLyzatHuTqfb1Ce6umX+f+fsRaEHg1bLEzvhYGAIRMw0dWSll/vnk w0mj/d1fek6tWL2wbZFR+BttZBPd7V1GhrEgvPMA=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1339405854; i=@resistor.net; bh=hITztCYN5hgO9m2ZktTqttZp0xoo6AWVvCpJE4yJoQ4=; h=Date:To:From:Subject:In-Reply-To:References:Cc; b=UTZWhQvougReYslAJbp+UcHO08yW9w8fM0pwnazeHQMdWs3MG51ZY3yWJdsN3Qtvo OFlysyl7I9+leEDW3pTu83lJpo88NXrbb6oGM2NVRXAiM8xQF9waz5nBDQD/wJc2r0 X0DEaeFWdCVCRxemHmvyeqFtRpjJ8bhNOFXTrRYU=
Message-Id: <6.2.5.6.2.20120611012901.09858498@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Mon, 11 Jun 2012 02:05:48 -0700
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
From: SM <sm@resistor.net>
In-Reply-To: <4FD567DB.2080407@swiftspirit.co.za>
References: <4FD4CAA4.5050006@swiftspirit.co.za> <6.2.5.6.2.20120610123350.0939fc28@resistor.net> <4FD567DB.2080407@swiftspirit.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Subject: Re: [Asrg] Report-as-Spam header
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jun 2012 09:11:02 -0000

Hi Brendan,
At 20:36 10-06-2012, Brendan Hide wrote:
>  content, perhaps even only one header. A full report in ARF format 
> is far too much information when all I really want is enough 
> information to know/determine:
>a) A recipient reckons the mail was spam
>b) The account responsible for having sent the mail

[snip]

>Legitimate bulk mail services are already successfully using simple 
>headers and unique IDs. Typically their "unsubscribe" and 
>"report-as-spam" links embedded in the headers and in the mail 
>itself all use the same ID with only the URL being slightly 
>different, for example /unsubscribe?id=xyz and /report?id=xyz. This 
>has required minimal investment and research for the providers to 
>implement yet, in theory, it already achieves a reporting mechanism 
>that can be automated. The only hindrance with this type of 
>reporting is critical mass and standardisation. I'm not aware of any 
>two bulk mail services that use the same format or header.
>
>A concern I'm looking at is development time and achievable results. 
>How many days and lines of code will it take to implement a 
>server-side report-as-spam header (and corresponding support in 
>MUAs) vs implementing the reporting mechanisms the IETF MARF Working 
>Group are working on?

There are systems which add a reporting URL for users to provide 
feedback.  That can be used for point (a).  A server-side header can 
be added in less than an hour if you already have the backend in 
place to process the report.  The corresponding support in MUAs would 
take years.  The likelihood of that happening is very small due to legacy.

Picking points from your previous message:

>Drawbacks:
>Broken Header/Header Abuse? - My guess is that we will probably end 
>up with RBLs targeting servers that relay with invalid headers

There will be abuse.

>Performance - Mail servers implementing an automated suspension 
>system would need to maintain a database (or would need to be able 
>to trawl its own logs) for the account responsible for the abuse. 
>This does not necessarily have to be a large database, however it is 
>conceivable that some mail systems will want to trim this database 
>to only include recent outgoing mail.

It's possible to track even on a large system.

>Advantages:
>Better First Response against compromised accounts

That only works if both sides are proactive.  That's rare in practice 
as abuse handling is an expense people would prefer not to have.

>Standardisation of as-of-yet incompatible/incongruent features

That can take a year or more.  Some could write a draft as a starting 
point for the discussion.

Regards,
-sm

v2.23.0 | Report a Bug | By Email