Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Richard Clayton <richard@highwayman.com> Mon, 30 November 2015 12:05 UTC

Return-Path: <richard@highwayman.com>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12B7B1AC3F7; Mon, 30 Nov 2015 04:05:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.353
X-Spam-Level: *
X-Spam-Status: No, score=1.353 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_MISMATCH_COM=0.553] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AYnaQ91DCYyk; Mon, 30 Nov 2015 04:05:50 -0800 (PST)
Received: from mail.highwayman.com (happyday.demon.co.uk [80.177.121.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BAE51AC3E6; Mon, 30 Nov 2015 04:05:50 -0800 (PST)
Received: from localhost ([127.0.0.1]:31046 helo=happyday.al.cl.cam.ac.uk) by mail.highwayman.com with esmtp (Exim 4.86) (envelope-from <richard@highwayman.com>) id 1a3NDH-0008ci-Ds; Mon, 30 Nov 2015 12:05:47 +0000
Message-ID: <glJrvFDUtDXWFA87@highwayman.com>
Date: Mon, 30 Nov 2015 12:04:36 +0000
To: Ted Lemon <mellon@fugue.com>
From: Richard Clayton <richard@highwayman.com>
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com>
In-Reply-To: <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com>
MIME-Version: 1.0
X-Mailer: Turnpike Integrated Version 5.03 M <bW2$+Pb377P5BNKLWCX+d+VIeV>
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/AMXRggrSJgYoZif8xy6ihfLgLN0>
Cc: shutup@ietf.org, ietf-smtp@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Nov 2015 12:05:51 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In message <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com>om>, Ted
Lemon <mellon@fugue.com> writes

>Do 
>you seriously think that Google has special-case header parsing to deal with 
>spam from Cornell students' infected computers?   No, they just use machine 
>learning.

... and one of the things that the ML will be processing will be the
(tokenised contents of the) header fields... so having a pattern (of any
kind) within the header fields has the potential to be extremely helpful
in distinguishing good from bad

>SPF allows me to discard all messages that claim to be from domain X but come 
>from IP addresses not listed for domain X, which means that I never have to 
>write a Received: header for that message.

It rather escapes me how one of your users will be able to determine
whether you received the email from a domain which had SPF at the time
at which you received it unless you record that information along with
the email (or do you think that DNS results are constant for all time?)

If you're relaying the email on to somewhere else then you're assuming
that there's a mechanism by which your policy regarding SPF becomes
known to those other people.

I'm unaware of such a mechanism existing at the moment -- and (this
might be relevant to charters, albeit I really don't think that there's
any real mileage in this topic at all) that although we have a scheme
for originators of email to publish policy recommendations about the
handling of email from their domains we don't have a similar policy for
relaying machines (and absent a Received header field it's unclear to me
what indicator we'd use to look up what that policy was).

>   If there is no SPF for the domain 
>that sent the message, I would like to just discard it as spam, but that's not 
>safe to do because so many small sites don't implement SPF or get it wrong.   
>But in any case where there is no SPF record, the site is definitely not 
>trustworthy:

that's a shame, I consider myself very trustworthy and I've never
bothered with SPF :-(

- -- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBVlw7VOINNVchEYfiEQLyGQCghamhwwd4RueAaba0LQpvriswU54AoLwO
DeHiYX3uumCKRBVmKY6zN4j9
=TXrC
-----END PGP SIGNATURE-----