Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Ted Lemon <mellon@fugue.com> Mon, 30 November 2015 03:25 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E68B1A0102 for <shutup@ietfa.amsl.com>; Sun, 29 Nov 2015 19:25:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.487
X-Spam-Level:
X-Spam-Status: No, score=-2.487 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.585, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mqQv7g_0g-qZ for <shutup@ietfa.amsl.com>; Sun, 29 Nov 2015 19:25:05 -0800 (PST)
Received: from fugue.com (mail-2.fugue.com [IPv6:2a01:7e01::f03c:91ff:fee4:ad68]) by ietfa.amsl.com (Postfix) with ESMTP id 6B3021A00FE for <shutup@ietf.org>; Sun, 29 Nov 2015 19:25:04 -0800 (PST)
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----sinikael-?=_1-14488539010280.9295437661930919"
From: Ted Lemon <mellon@fugue.com>
To: shutup@ietf.org
In-Reply-To: <20151130031150.10420.qmail@ary.lan>
References: <20151130031150.10420.qmail@ary.lan>
Date: Mon, 30 Nov 2015 03:25:01 +0000
Message-Id: <1448853901597-329fed8f-51e32284-4f77ee26@fugue.com>
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/90fDIlH6K6DjRhZo2fmRmgM9-Yg>
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Nov 2015 03:25:06 -0000

Sunday, Nov 29, 2015 10:11 PM John Levine wrote:
> Spam filters have been doing Received chain analysis for about 20
> years.

Yes, I know.   A friend of mine founded a company that worked using this principal.   Unfortunately, it got less and less effective as spammers got better and better at faking things.   The reason I asked for recent experience is that I'm curious if anyone is _still_ getting real benefit from this.

Since the only header-field you can actually trust is the first one that your own MTA adds, SPF works just as well (actually, a _lot_ better) as a validation mechanism.   If SPF isn't in use, the sender can just claim to be a legitimate agent for the source domain, and you have no way to check that claim.


--
Sent from Whiteout Mail - https://whiteout.io

My PGP key: https://keys.whiteout.io/mellon@fugue.com