IETF Logo Mail Archive

Re: [marf] draft-jdfalk-marf-as

"J.D. Falk" <jdfalk-lists@cybernothing.org> Thu, 23 June 2011 18:30 UTC

Return-Path: <jdfalk-lists@cybernothing.org>
X-Original-To: marf@ietfa.amsl.com
Delivered-To: marf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 555ED9E8056 for <marf@ietfa.amsl.com>; Thu, 23 Jun 2011 11:30:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id djZCO2SQU8Ou for <marf@ietfa.amsl.com>; Thu, 23 Jun 2011 11:30:31 -0700 (PDT)
Received: from ocelope.disgruntled.net (ocelope.disgruntled.net [97.107.131.76]) by ietfa.amsl.com (Postfix) with ESMTP id 18F7D9E8055 for <marf@ietf.org>; Thu, 23 Jun 2011 11:30:31 -0700 (PDT)
Received: from [192.168.1.191] (adsl-69-228-65-174.dsl.pltn13.pacbell.net [69.228.65.174]) (authenticated bits=0) by ocelope.disgruntled.net (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p5NITuhw022077 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for <marf@ietf.org>; Thu, 23 Jun 2011 11:30:28 -0700
X-DKIM: Sendmail DKIM Filter v2.6.0 ocelope.disgruntled.net p5NITuhw022077
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cybernothing.org; s=triac; t=1308853828; bh=j1VeBd6r2+yqGG8c1YQcWZJKgjxTSHXnEtyKdgpnh SI=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date: Content-Transfer-Encoding:Message-Id:References:To; b=a0L19CdA3yO1 XPL/hoVMndZEfrPTaoNo1gCWDU9xiqtODO9TQp9Ar4djIEPSmEJPvzYoTEl5T2p0QZV IzDa0uzWSLu0qPp8MbNrzeeduMI1ZMHA6IsiBc+PiDP0pTZvegUBJIqa2ISDd6Vlplh xEG5Ybvl96+fWmLt7qeqcmcrU=
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Apple Message framework v1084)
From: "J.D. Falk" <jdfalk-lists@cybernothing.org>
In-Reply-To: <4E0089F2.20708@tana.it>
Date: Thu, 23 Jun 2011 11:29:55 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <3A5386A5-348E-4F98-9DB3-4E93BB2D3100@cybernothing.org>
References: <1C806C86-8D87-4FC9-9A36-58BB22076AB7@cybernothing.org> <4E0089F2.20708@tana.it>
To: Message Abuse Report Format working group <marf@ietf.org>
X-Mailer: Apple Mail (2.1084)
Subject: Re: [marf] draft-jdfalk-marf-as
X-BeenThere: marf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Message Abuse Report Format working group discussion list <marf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/marf>, <mailto:marf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/marf>
List-Post: <mailto:marf@ietf.org>
List-Help: <mailto:marf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jun 2011 18:30:32 -0000

On Jun 21, 2011, at 5:09 AM, Alessandro Vesely wrote:

> Would it be possible to expand treatment of non-FBL data?  I heard
> rumors about FBL being considered illegal in Europe.  I'd bet it's
> not, although EU law requires users' consent.  At any rate, for
> clarity, I'd avoid calling "FBL" the unsolicited feedback generated
> without prior agreement.

This particular Applicability Statement is already restricted to solicited, end-user-triggered complaint feedback, so it does (in section 2, end of list item 1) point to the part of the MAAWG Complaint FBL BCP which discusses policy concerns.

> Appendix C in the CFBL BCP has some preliminary work on non-FBL.  A
> topic that I think should be worked out a little bit more is the
> choice between mailbox and access providers.  In section 2 of ARF-AS I
> would say that a report can alternatively be sent to one of
> 
> a) a sender authenticated with DKIM or SPF,
> b) the abuse-mailbox found in the RIR WHOIS database for the IP
>   address of the boundary relay, or
> c) a network provider higher in such allocation hierarchy.

That'd need to be a different Applicability Statement, describing non-solicited feedback.  This one only describes solicited feedback (as described in the introduction and in section 2 list item 3, among other places.)

I don't believe that there's sufficient implementation experience for an AS on non-solicited feedback, but I could be wrong.

> The CFBL BCP says to ignore abuse-reports sent by mistake.  Perhaps,
> this is where the non-spam ARF type has to be used, sending back the
> message to the author's mailbox provider so that they can undo any
> learning they had imparted to their spam filtering systems.

Seems technically feasible, but I've never heard of any implementation which works that way today.

> Of
> course, the non-spam report needs to be acknowledged by the user who
> originally reported the message as spam.  In case the user and the
> remote provider don't agree, either one or both of them deserve being
> categorized as bogus abuse-report sources.  (As silly as this may
> seem, it may turn out to be a good way to categorize gullible spammers
> and unreliable users.)

This is already fairly common, without needing to juggle externally-visible metadata.  For example, Cloudmark is known to track reporter reputation within their spam reporting system.

> For a minor point, the possibility to redact reported messages is not
> mentioned.

Good point, especially since we have a separate draft for that.  Only question is whether draft-jdfalk-marf-redaction will advance any time soon; I sure would like to get the BCP and AS finished and published sooner.

--
J.D. Falk
the leading purveyor of industry counter-rhetoric solutions

v2.23.0 | Report a Bug | By Email