Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Dave Crocker <dhc@dcrocker.net> Fri, 04 December 2015 16:54 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F0981A8A10; Fri, 4 Dec 2015 08:54:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DVFCaKbtm_Df; Fri, 4 Dec 2015 08:54:31 -0800 (PST)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F362F1A8A0E; Fri, 4 Dec 2015 08:54:30 -0800 (PST)
Received: from [10.45.248.234] ([156.39.10.45]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id tB4GsUDX016876 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Fri, 4 Dec 2015 08:54:30 -0800
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com> <01PTPUIP3IUK01729W@mauve.mrochek.com> <11d014e5-9a6a-4b78-92a1-8e0a1e0a905d@gulbrandsen.priv.no> <01PTRE1WMUMQ01729W@mauve.mrochek.com> <1448995610381-36d96644-173d7bf5-b94de12d@fugue.com> <565DF2F0.6050207@mustelids.ca> <1449025790038-5861f0d7-9427eca4-6b12d71f@fugue.com> <5661B1AF.6060603@mustelids.ca>
To: shutup@ietf.org
From: Dave Crocker <dhc@dcrocker.net>
X-Enigmail-Draft-Status: N1110
Organization: Brandenburg InternetWorking
Message-ID: <5661C55E.8040704@dcrocker.net>
Date: Fri, 4 Dec 2015 08:54:54 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <5661B1AF.6060603@mustelids.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Fri, 04 Dec 2015 08:54:30 -0800 (PST)
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/4sc4BGBGKk_WkUeJ82sRmlvFOUo>
Cc: ietf-smtp@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2015 16:54:32 -0000

On 12/4/2015 7:30 AM, Chris Lewis wrote:
> On 12/01/2015 10:09 PM, Ted Lemon wrote:
> 
>> I am very curious to hear your numbers, as long as you explain how you
>> got them.  I don't mean explain your spam algorithm--I mean
>> characterize your sample, and explain why you think it's a good
>> sample, and explain your methodology: what you did to the sample for
>> test A versus what you did for test B.   Interesting things to do for
>> the test sample to differentiate it from the control sample would be
>> removing the last Received header field entirely (last in sequence,
>> meaning first added), modifying the From clause for example as Stephen
>> Farrell suggested, or simply deleting the From clause but keeping the
>> rest of the last Received header field.
> 
> The issue here is even describing the methodology of comparing the test
> sets and the discussion about how it's very difficult to catch the same
> spam in other ways, reveals altogether too much information for spammers
> to use.


There's a deeper problem with this line of query.

I believe we have reasonable consensus about the facts and about the
basic issues, from the various folk who spend fulltime working in this
space and have posted to this thread.

Hence, queries of the 'show your work' type move into the realm of
etended tutorial to non-experts, rather than helping to the vetting of
foundational issues for creating a working group.

Extended tutorial material is well and good in the right context, but it
is not typically considered appropriate for vetting a working group
creation effort.  Worse, I believe the tutorial exercise has been going
on for quite a few days now, which makes it costly, as well as wasteful.

d/
-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net