Re: [Endymail] spam versus cleartext

"John R Levine" <johnl@taugh.com> Tue, 09 September 2014 17:53 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 923FD1A0008 for <endymail@ietfa.amsl.com>; Tue, 9 Sep 2014 10:53:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.137
X-Spam-Level:
X-Spam-Status: No, score=-1.137 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qh9C7-odfhRB for <endymail@ietfa.amsl.com>; Tue, 9 Sep 2014 10:53:19 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D23B01A0007 for <endymail@ietf.org>; Tue, 9 Sep 2014 10:53:18 -0700 (PDT)
Received: (qmail 75753 invoked from network); 9 Sep 2014 17:53:17 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=127e8.540f3e8d.k1409; bh=qqS4B23yGXdyvmwXn3VvyAql0j1u2zLGR2kODqM5K14=; b=XNqRGtrOoizxx3b1LwVWBKs84ZLw5t9bzNqFl+i0btia4Vb7KBI+VTCXhU25w4gMaIb99Esf6pWKldP9I+hv38FutyH72H/V7/iIiz752LWCoz0SdHbgj+e9NYGZgjiyHFXarVPA/gsdUu/efywQo2UwnCeJ2G6jlXDcc/QSUDBNnMeN35az0tosboZTVgk1hsSqjLRTK90n7S1GsPAVvGFhWXfejYxU9Q2Dn7Vbg/tuFPF2HKAO6V9EF1R6mAJs
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=127e8.540f3e8d.k1409; bh=qqS4B23yGXdyvmwXn3VvyAql0j1u2zLGR2kODqM5K14=; b=3N/DtDrc3A+ybh0K0/PA1elhI6vE+qdQ01UfXk8hFxHzC04B71yJctowGYrm9NydB48xNLaEaa0VMms8aKtNCy4x/IleWZCmMTykMdR08gidBjmN5GCZdVgmq8fzz+RE+TPUIHQxxGhMBVNGvEplq8S23NYdMZi7yU6lYOGIrug4u1+NrH+dWPL1K9L54s2TGNU/vkKKy0g0TldVNFpsEPOafcodkSJb6+xevXZzdGL7Bv3OR9NtFEmj//aXQIzU
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.0/X.509/SHA1) via TCP6; 09 Sep 2014 17:53:17 -0000
Date: 9 Sep 2014 13:53:17 -0400
Message-ID: <alpine.BSF.2.11.1409091350310.1894@joyce.lan>
From: "John R Levine" <johnl@taugh.com>
To: "Dave Crocker" <dcrocker@gmail.com>
In-Reply-To: <540F39F2.1040801@gmail.com>
References: <20140907170207.14888.qmail@joyce.lan> <540F39F2.1040801@gmail.com>
User-Agent: Alpine 2.11 (BSF 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/1HNOlWSJPm4gsWhgfQgR6aSHz7U
Cc: endymail@ietf.org
Subject: Re: [Endymail] spam versus cleartext
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Sep 2014 17:53:20 -0000

> On 9/7/2014 10:02 AM, John Levine wrote:
>> I don't know of anyone who does message
>> rejection based on DKIM signatures
>
> Google and Yahoo say that they use DKIM signatures as part of reputation
> assessment.  That's distinct from any use of DMARC.

Oh, sure, but now that's just part of content based analysis: look at the 
message text, add special sauce, and decide whether to deliver to the 
inbox or the spam folder.

I suppose we can put DKIM in the very small category of content analysis 
that could still be useful with encrypted mail bodies, along with some 
checks for header defects typical of spambots.

R's,
John