IETF Logo Mail Archive

Re: [ietf-smtp] SMTP Response for Detected Spam (SRDS)

"Brotman, Alex" <Alex_Brotman@comcast.com> Tue, 18 January 2022 13:24 UTC

Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E78D3A1153 for <ietf-smtp@ietfa.amsl.com>; Tue, 18 Jan 2022 05:24:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xh6GChWKBCIC for <ietf-smtp@ietfa.amsl.com>; Tue, 18 Jan 2022 05:24:55 -0800 (PST)
Received: from mx0b-00143702.pphosted.com (mx0b-00143702.pphosted.com [148.163.141.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20B853A1154 for <ietf-smtp@ietf.org>; Tue, 18 Jan 2022 05:24:54 -0800 (PST)
Received: from pps.filterd (m0156894.ppops.net [127.0.0.1]) by mx0b-00143702.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 20ICmgXd002666; Tue, 18 Jan 2022 08:22:44 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=20190412; bh=NTJRjneMqKBvCMclzDQEpqtts3W/Sp8sk9F2tdZPfTg=; b=r8GDCQwDptHMaCuMbNPEjY1uthhTMTpJzTnkHk334BvtuLkBpnybnt/h8yIQ3KfZWif3 ylcaKm4KM58hce4i1PC5Ypt2/xFJMieXlQ95OOVJ8J293pajSE54ecs/NMwBrnobnmYp AjHOk70ffJ5m/InUIJpoh4l/s+ckpG0y1uqZ5B6MFR3PgwFrUqSr+k+of0Dkr+B0ylhQ +WtrT9g4o0K4G2nupXCGHSfi0J/rtGOjPY/ZfqSXQa93dxyuMIbuNH/1sSzgt6PN+cqX DXIeSukMH2BMOCS7fUkxLP1xfqThnfKSLRDr1NQnYPz0L53rIlR7jBoiub0wPHil6Ecn Vw==
Received: from pacdcexop04.cable.comcast.com (dlppfpt-wc-1p.slb.comcast.com [96.99.226.136]) by mx0b-00143702.pphosted.com (PPS) with ESMTPS id 3dn94hq1j6-11 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 18 Jan 2022 08:22:44 -0500
Received: from PACDCEXOP01.cable.comcast.com (24.40.1.148) by PACDCEXOP04.cable.comcast.com (24.40.1.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Tue, 18 Jan 2022 08:22:36 -0500
Received: from PACDCEXEDGE01.cable.comcast.com (76.96.78.71) by PACDCEXOP01.cable.comcast.com (24.40.1.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.986.14 via Frontend Transport; Tue, 18 Jan 2022 08:22:36 -0500
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.174) by webmail.comcast.com (76.96.78.71) with Microsoft SMTP Server (TLS) id 15.0.1497.26; Tue, 18 Jan 2022 08:22:36 -0500
Received: from MN2PR11MB4351.namprd11.prod.outlook.com (2603:10b6:208:193::31) by BYAPR11MB2790.namprd11.prod.outlook.com (2603:10b6:a02:c4::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.9; Tue, 18 Jan 2022 13:22:32 +0000
Received: from MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::90bb:db8:f9ab:4e6b]) by MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::90bb:db8:f9ab:4e6b%6]) with mapi id 15.20.4888.014; Tue, 18 Jan 2022 13:22:32 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: Дилян Палаузов <dilyan.palauzov@aegee.org>, ietf-smtp <ietf-smtp@ietf.org>
Thread-Topic: [ietf-smtp] SMTP Response for Detected Spam (SRDS)
Thread-Index: AdgJW5s4CJeX1rEfSI+mKyUpPpB4tAAIbKuAALwd16A=
Date: Tue, 18 Jan 2022 13:22:32 +0000
Message-ID: <MN2PR11MB4351944A05B3971645CEA20EF7589@MN2PR11MB4351.namprd11.prod.outlook.com>
References: <MN2PR11MB4351843B8D91E6B983190549F7549@MN2PR11MB4351.namprd11.prod.outlook.com> <9df043b1c7e1b8ea326c41c62675d89b0cae5b15.camel@aegee.org>
In-Reply-To: <9df043b1c7e1b8ea326c41c62675d89b0cae5b15.camel@aegee.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f4d0c3d3-cf1b-441f-aecf-08d9da8595a3
x-ms-traffictypediagnostic: BYAPR11MB2790:EE_
x-microsoft-antispam-prvs: <BYAPR11MB2790B7FAC295D42084CE93D4F7589@BYAPR11MB2790.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: McYlSjiNu2D0UDt0N57FDz3Nf2K3W2ZyaYtCNhtmmqJhf4oNIeqshpi5crnFnKaC1CxUsUiIR8npLFy7HHQ9W8nGvadeeYIRoPQuKheAnGX9h2A+BLTXtlQZ63K0j2aQwcHrEeL016yLI91YSs0NxLsD61+3mw6ji/OmqFaJRFoDHBpelsKdBSD1nEHb7vXzWi6XL5LCc0/RrhtBYX25goCke+ZNvLO0WMrymJDd/4BipWamK/Iy419V3Ci7pPWx9vzCUvQHKHbKi7qlvSa4Zasls/PmhxDO5BbZeoGjRy0jfbz/yG6G870psCgTdSZbcZxq0qm3WLwY5kB3DZPuEcygp8632RJSni/+wBN2d59b4t0u6+9FRfO1VZsQAS+3Uuk8d6w/wDwYUOVZgYFI9SC++dt0zU1EtQjzOKxrgjga3V6JYj+4eTsdVGEDu+PZ+eU5vXZGZzvuD3eNqTMrbdzVSljSKlU9DcVke8o3dd4P/3atNgXKHriuiq2lpOACb2lkpelpymfHlls9DZgQ8XUDisx+gZ+4FAdzxVmDmLla++hQsdLyHXCYtyTmS/uIbWSWyNG9acgxchZydR/xpFthUQx7SfPqB/S4efjL3M4ghvaDZ7gLjz6jn3NPSX572254YJGKVpU1zwCev9ui1g6Nj22HNypEkugf6P7z5Tw1lubDK/wVTlnVwOOOp24VLfBnRMRjS6ZxHF9+Xo9ub19No1uipOhJxWlzejwqWT3tATZHunWusaJqeK2LXFUTkdL6J+8vJ7Jt6krgsz3heweNfWZwNAo32iqtyEjWV0GGMuh0vFi+Z+PmbOEDgxCYHgfP/dU9Fa2LgAnHjgAlSg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4351.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(7696005)(71200400001)(52536014)(86362001)(2906002)(66476007)(82960400001)(66556008)(64756008)(110136005)(8936002)(66446008)(83380400001)(508600001)(966005)(8676002)(33656002)(38070700005)(5660300002)(316002)(53546011)(55016003)(76116006)(38100700002)(186003)(122000001)(9686003)(6506007)(66946007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: nUqLl1jzsAuMTW+RmxTVXwqju6A9BYVcFc7XdlyOIa5ykleSq2XCpvnIrccMC5SDblKF2B1Or7EXCKVRVjjJsid+PeYzkjbMomLqwZ1km+7vy5oc/E/WiPvJma/uqvdh4BkPf+NSLcA+9eM5hC7iEBKiA3aXq78TDWF6haqvc73ZX+QsMEEIUYW3hyoMP6TMT34aFW6isd7nq6KisEIg6EOlLWbLsKLOcj578xuYpkJfWHMYX/oPI+i188S8db556/hBHs9yIPuQ9rq3J00iRyYdJc0tWHfnceQBFjOSi0gdNkGlLgE7AhtUHK16eOojXrMKvoRsotO3BU1GR3Q1Knmx0AM7hfP0rpwDZGAwDSYx2M/CfMIiUq6YEjxRt6241xRjL2rRx37mpER8MzzkNjtwEoI2w6nZYF9Wm9U/X2kFYBmIzI+udQIZNSO7w2/4m9CkwGbqvT325bOCinIDTKn6DbfW2+FRFffkf08WqbAi4bMk5sxzSdgvo4OuZyij3G7EAU/LGO8CbQSPTc4RCFHIixeUqUVJcLLmoXhDUUfoVmlQQpkov9NCoPqaB0U0BQo5RcRiILoG5H4k12GE0iK5cAdLD3FkowvuEpysrFjYbbjywmnocqlQTfIMKrfXzlaXVaetNwUbKsCcAI7JwKMLClJQcipOj21xohvROfIdPtVXb7CN4FcVbFryr+B+ZXR8ZDlEnXxmpyiG0xHcxnYE6z0CbcgId6EzHOY/OH0Vl5enV7IIO/J7k9tkYB/6lGS4RT1Rut25YBrtZpVH7/Ko1r9EDnCPVXDWlWQznfKA8LYzfGbKJbmFFQLXUgy3m3UkdX9lSaHLfgOWTTzrJXD9OOFlIbHN3uubll7KSXjjOPPul2nJ8LWNkNl96tQW1wyrnGPb/ZNcRrDOSfBqQ539Rjkv0ap9HfNiCJMpWNGZ8P6HMBIXDWWYbICY2fhmkRP0/c68O0gXEeYlDAJjYWnDcum5h19d+fdN49o+J/c8d0v6HxFMSLTkqn4HYSJtpcGAyYSyK9jPmjN3vRc7FxijF0hmyU6tlg8qyrZzV29Tnom8MugAkihRfkuBsvElVCzyVvOyz4AAhUoFtJt3GZMB6ATr5XdvEG7IU2mzUX7CqWwLQzi8sA2qlQUf0ABn2lr9uhNZXyUNrVlC5UW6/UqZUMOhV0irrHVEXwFX/FYgtUd3pHgCWOK9Q44o1pRQTK2sM+zVLQy4dcDh2IDggxtYJHJ6Xov8K2AJBhGDzx6zTrydJhqS1qrk7EEclOvF6lGttnyDk7FyphQ5s9WvgUm4G6KwUbVef8V0bPgsDmQX3cMRpOoOMvry7OJERc4X2lgkXWQm73Y4/PAJ/WPVJuX1EU8joj7fgDzHFGASjUwCHDwYqFFup1PMUu8w4X6IbOUT56LmgbZ2syF71lsNRZqSHV1+9L+RqjbHwq8/RG6XmblNwalEcJ6Emvvq47U30qD+7usR2+v1ZCNmKn8OrDMHa3nn+bCKfsE2e7xx4GGEfxerBWox3vbQJ8+TVZd4u8JkrEvlzSKsGNecMag4TG9IKLGuaOUCLCLFrehfIRf6gig6tkhwV+0d1nUL+dRS0uf4qayCagohjeHkJxKQf2eFajvwDNj2nJQMqqjKHC4iP415/K7gEWcYUZlmbaov+HFYrGPxImNWZxVe8CLu6nDi5p7qViZwINFvPAFfmMCcumTqUOAo0QE1tTuoFXu3AAQ+M4f5zigy8P8OfTJTgA==
arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fkCanKijEZiUmG7yyd18tXbzQAp35IjAmhNof+KYOLKApbhadVAgkkG6q2sm0GM0wsQDsgQWQy0HAhMjGZmdQmccDw8XQMeylLm54PsG/FyELeeqxwGf17BZDM8gQzdenSBzlyan2heeZ3/NBse1m9u/X9Sma0FHZwuCsqc0sPGgFKEtchkz1XcnsejKPqMWNGm3SA2u007BgX+LBEpYYhbSqtaJUUUjOIRXSysUZNw/OgR1ISCImuq9xdHY1aDy39DxAqppdkfZWDnuwPtjOzz+MvZZCS8qb+BI6uIvyxKwEfT3EDvX5LXV1gwoSfAK99QQIjeYnMryC3/sZPdEhg==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jcWWzjAiNUSA8QuzijQOCblMSwTJPamr6rdoQaLAykw=; b=bo1jGldSwsKnlRsdCaQcscGSJeFPU+mvqdtFnDbBcagYhFVUe7lRdeyGzeMV8VdvpbwOyJeN507dKSUNUiFSAQ0DcfgqBEPK45mjJaLcmz8e4/TnpnCZY3h3xxowOAq7FMY12bY/kT9H6G12PnzZdGPgppziZMWLIIOZBFA0BFVcpOwCFi86Detc/pTkg62Hu6Z8e/hSxG91mk3Z6jOR96ulIw90EDIPyO4HqTrMOHX9uR3da6HEWiIrg4x26QETxSRaenqXUhcx7icMWEPt8+3qk6XoAosJYSXiXeFAQIQgT+6hgn6mJkO8GDYfUUZCKnVAbvLu5Ai2fIcRgUyezQ==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR11MB4351.namprd11.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: f4d0c3d3-cf1b-441f-aecf-08d9da8595a3
x-ms-exchange-crosstenant-originalarrivaltime: 18 Jan 2022 13:22:32.5204 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: C5F+7/gI5UtSPPiCwCzs+Fy44n432WpXtW61V+f8o2fg3PIsX3SUSzWU8sIMjoW6gIJ5vhMiIdoqn6ui7jAo7Qwmy6/SnKAnNcNaLIvhqt4=
x-ms-exchange-transport-crosstenantheadersstamped: BYAPR11MB2790
x-originatororg: comcast.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Forward AAETWZ
X-Proofpoint-ORIG-GUID: 3nKYd14osrKJt7UADUd-13vAdN7VsC_M
X-Proofpoint-GUID: 3nKYd14osrKJt7UADUd-13vAdN7VsC_M
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-01-18_03,2022-01-18_01,2021-12-02_01
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/cUT8466lcY4Byv4QcbFVSwFJdAQ>
Subject: Re: [ietf-smtp] SMTP Response for Detected Spam (SRDS)
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jan 2022 13:24:59 -0000

Hello,

This draft wasn't suggesting that the receiving system reject the mail when detected as spam, but instead accept the message and notify the sender via a new reply code.   I believe this suggests the document should have a "rationale" section as to why a receiver may want to do this.

As for the case when there are two recipients, how does your method of suggesting alternate means of communication work when there are two recipients?  Do you do this at RCPT, or DATA?  If at DATA, do you provide multiple contacts for multiple recipients?

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

> -----Original Message-----
> From: Дилян Палаузов <dilyan.palauzov@aegee.org>
> Sent: Friday, January 14, 2022 2:31 PM
> To: Brotman, Alex <Alex_Brotman@comcast.com>; ietf-smtp <ietf-
> smtp@ietf.org>
> Subject: Re: [ietf-smtp] SMTP Response for Detected Spam (SRDS)
>
> Hello Alex,
>
> I personally inject my incoming emails into anti-spam software.  The software
> gives some reasoning (static, dynamic analysis), if it thinks the email is spam.
> Then I reject the mails during the SMTP dialog and return the reasoning of the
> anti-spam filter in the SMTP-reply.  The SMTP-reply includes further means to
> contact me.
>
> The advantage is, that I have no Spam/Junk folder, which needs attention.  The
> advantage is, that nobody ever asks, why a particular email was evaluated as
> spam.
>
> Additional reply code does not help.  In fact SMTP needs three reply codes an
> total - 2, 4 and 5.
>
> In the next ten years, the 259 code will not be used to notify the sender about
> anomalies.  If the sender shall be notified in a backward compatible manner
> about anomalies in the delivery,  a 4xx or 5xx code must be used.  Accepting a
> mail and returning 5xx code at the same time will not find consensus here.
>
> My recommendation is, if a mail is rejected because it is evaluated as spam,
> include in the rejection lines alternative means to contact the recipient, if the
> recipient does want so.
>
> You have to think on the case, where an email for two recipients is considered
> as spam to the first recipient and as ham for the second.
> This problem is not addressed in your draft and discussing it here will again not
> get any traction.
>
> Greetings
>   Дилян
>
> On Fri, 2022-01-14 at 15:34 +0000, Brotman, Alex wrote:
> > Hey folks,
> >
> > I had originally sent this over to dispatch, though Murray and John
> > felt it better to discuss here.  I thought it might help the general
> > ecosystem if there were a method by which receivers could give an in-
> > line response to a sender that the message they're attempting to
> > deliver is believed to be spam/malicious.  Additionally, I thought it
> > would be good to create a new code so that it could be more easily
> > identified by the sending party.  While I understand there's some fear
> > that this could be misused by spammers, restricting it responsible
> > parties may help there, and it could help responsible parties identify
> > abusive parties within their platform more quickly.
> >
> > https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-bro
> > tman-
> srds/__;!!CQl3mcHX2A!XA124SMuI4FySNhEBK2jsYwEcbtskGN_1AaqMprtcXNt
> > gBMid4FJGqKN0PpmaWV08Rhc$
> > https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-brot
> > man-srds-
> 00.txt__;!!CQl3mcHX2A!XA124SMuI4FySNhEBK2jsYwEcbtskGN_1AaqMpr
> > tcXNtgBMid4FJGqKN0PpmaVSQea0h$
> >
> > It's rather short (the only sample I found was also rather short), but
> > I welcome comments or thoughts.  Thanks for your time.
> >
> > --
> > Alex Brotman
> > Sr. Engineer, Anti-Abuse & Messaging Policy Comcast
> >
> > _______________________________________________
> > ietf-smtp mailing list
> > ietf-smtp@ietf.org
> > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/ietf
> > -
> smtp__;!!CQl3mcHX2A!XA124SMuI4FySNhEBK2jsYwEcbtskGN_1AaqMprtcXNtgB
> Mid4FJGqKN0PpmaXrdnUu9$

v2.23.0 | Report a Bug | By Email