Re: [Rucus] ARF BoF: no SIP?

John Levine <johnl@taugh.com> Sat, 19 September 2009 01:59 UTC

>Interesting that while they list SSH, FTP, and "web server" attacks as
>possible extensions, SIP isn't listed.

I'll throw it into the pot.

Although there are people who wish it were otherwise, the current ARF
format is tightly tied to reporting metadata about an individual
e-mail message, and that's not likely to change.

There's interest in a more general abuse report, but I have not yet
succeeded in getting people to explain why, other than a dislike of
XML, we wouldn't just be doing a rerun of INCH.

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.