Re: [marf] Section 1.1 (was: Require body?
"Murray S. Kucherawy" <msk@cloudmark.com> Fri, 16 April 2010 17:34 UTC
Return-Path: <msk@cloudmark.com>
X-Original-To: marf@core3.amsl.com
Delivered-To: marf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A38043A6A1B for <marf@core3.amsl.com>; Fri, 16 Apr 2010 10:34:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.336
X-Spam-Level:
X-Spam-Status: No, score=-2.336 tagged_above=-999 required=5 tests=[AWL=0.263, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OaZM2xr0QrAn for <marf@core3.amsl.com>; Fri, 16 Apr 2010 10:34:04 -0700 (PDT)
Received: from ht2-outbound.cloudmark.com (ht2-outbound.cloudmark.com [72.5.239.36]) by core3.amsl.com (Postfix) with ESMTP id E22F73A68BD for <marf@ietf.org>; Fri, 16 Apr 2010 10:34:04 -0700 (PDT)
Received: from EXCH-C2.corp.cloudmark.com ([172.22.1.74]) by spite.corp.cloudmark.com ([172.22.1.72]) with mapi; Fri, 16 Apr 2010 10:33:58 -0700
From: "Murray S. Kucherawy" <msk@cloudmark.com>
To: Alessandro Vesely <vesely@tana.it>, "marf@ietf.org" <marf@ietf.org>
Date: Fri, 16 Apr 2010 10:33:57 -0700
Thread-Topic: [marf] Section 1.1 (was: Require body?
Thread-Index: AcrdUw9un7N0IoDFS9u0QV4DN6i8HAANytHQ
Message-ID: <BB012BD379D7B046ABE1472D8093C61C01CFEA4ECC@EXCH-C2.corp.cloudmark.com>
References: <BB012BD379D7B046ABE1472D8093C61C01CFEA49AC@EXCH-C2.corp.cloudmark.com> <20100415100620.9A85AF5808A@smtp.patriot.net> <BB012BD379D7B046ABE1472D8093C61C01CFEA4D0E@EXCH-C2.corp.cloudmark.com> <4BC841A7.1060704@tana.it>
In-Reply-To: <4BC841A7.1060704@tana.it>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [marf] Section 1.1 (was: Require body?
X-BeenThere: marf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Message Abuse Report Format working group discussion list <marf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/marf>
List-Post: <mailto:marf@ietf.org>
List-Help: <mailto:marf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Apr 2010 17:34:05 -0000
> -----Original Message----- > From: marf-bounces@ietf.org [mailto:marf-bounces@ietf.org] On Behalf Of > Alessandro Vesely > Sent: Friday, April 16, 2010 3:53 AM > To: marf@ietf.org > Subject: [marf] Section 1.1 (was: Require body? > > Since the previous section is fairly generic, IMHO this should be more > specific, e.g. "mail operators", or "mailbox providers and email > service providers". +1 > IMHO this may be less specific, so as to broaden the class of > exemplified uses; e.g. "such as email service providers sending mail > that causes problems with abuse detection systems." How about: <t> potential issues with the perceived quality of outbound mail, such as email service providers sending mail that attracts the attention of automated abus detection systems. </t> > Do you mean to drop the last paragraph ("Please note [...] and SHOULD > NOT be used for other reports.")? Nope, that hasn't been removed. I just didn't cite it. > It is still unclear whether this section is meant to also cover future > extensions. I don't think we want to limit possible uses of ARF. > However, we may inform about alternative formats for reporting email > messages: rfc3462 for end users, and the upcoming > draft-cain-post-inch-phishingextns for network providers. Adding such > information may identify by exclusion our niche of treatable abuses > that are neither delivery errors nor manifest attacks. The abstract says that the format is extensible, and I think that's obvious once one looks down at the IANA stuff. And ARF is based on RFC3462 (it's a normative reference), so I'm a little confused as to your intent here. Can you propose some text? I think the focus is clearly on reporting about objectionable mail and not generic questionable network activity. That said, we might want to make a reference to the INCH work early on and explain why all the sites that have gone with ARF did so instead of using INCH. Some text about that (from such an operator on this list) would be really helpful, even if it's a statement that INCH was found to be too hard, or ARF was ready before INCH was, or such.
- [marf] Require body? Shmuel Metz (Seymour J.)
- Re: [marf] Require body? Murray S. Kucherawy
- Re: [marf] Require body? John Levine
- Re: [marf] Require body? Yakov Shafranovich
- Re: [marf] Require body? J.D. Falk
- Re: [marf] Require body? Shmuel Metz (Seymour J.)
- Re: [marf] Require body? Shmuel Metz (Seymour J.)
- Re: [marf] Require body? Shmuel Metz (Seymour J.)
- Re: [marf] Require body? Murray S. Kucherawy
- Re: [marf] Require body? Shmuel Metz (Seymour J.)
- [marf] Section 1.1 (was: Require body? Alessandro Vesely
- Re: [marf] Section 1.1 (was: Require body? Murray S. Kucherawy