Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Ned Freed <ned.freed@mrochek.com> Mon, 30 November 2015 15:40 UTC

Date: Mon, 30 Nov 2015 07:19:09 -0800
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Mon, 30 Nov 2015 04:46:14 +0000" <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com>
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com>
To: Ted Lemon <mellon@fugue.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/WZaoibOKF4tlzgF3LRow1uWW7hE>
Cc: shutup@ietf.org, ietf-smtp@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

> Sunday, Nov 29, 2015 11:28 PM John Levine wrote:
> > Yes.  See the message you just replied to.

> The experience you related sounds like hobbyist activity, no offense. I can't see how what you described could possibly scale to anything a large email provider would ever do, and indeed it's not something I would ever take the trouble to do, even though my domain has exactly two users. If I get spam, I delete it. I do not complain about it. I do not attempt to understand where it originated.

> >>Since the only header-field you can actually trust is the first one that your own MTA adds, ...
> >
> > No, that's not correct.  See recent message.

> I saw the recent message, and again, what you described is something that
> doesn't scale.

I'm afraid again you're demonstrating that you really have no idea how this
stuff works at scale.

It is of course the case that Received: field analysis that depends on
knowledge of the domains involved doesn't scale to handle huge numbers of
domains. But that's irrelevant: Nobody cares about smalldomain.com's Received:
fields in this context, for any value of smalldomain.com.

The present day reality is that a significant fraction of mail originates
from a small number of domains. Those are the ones you care about, and
since you can verify that mail actually came from one of them through
other means, you now have Received: fields you can trust for a
significant fraction of the mail you receive.

> If that is your model for how header-field messages are used for validation, I
> think what I said is actually more generally accurate.

Where on earth did you get the idea that Received: fields are used for
validation?

> Do you seriously think that Google has special-case header parsing to deal with
> spam from Cornell students' infected computers? No, they just use machine
> learning.

I have no idea what Google does, but I can assure you Received: field analysis
does play a role in spam filtering elsewhere. And even if it didn't, there's
more to mail operations than spam filtering.

				Ned
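
Added example, not part of the original message or any mail system it mentions: a sketch of the trust rule described above, where Received: fields are trusted past the receiving MTA's own hop only when the mail is verified (here by a DKIM pass recorded by that MTA) as coming from a known large sender. The hostnames, the sender list and the sample messages are assumptions, and matching only on the by-host is a simplification; a real filter would also check the sender's known field format.

```python
import email
import re

OUR_MTA = "mx.example.net"            # assumption: hostname of our border MTA
KNOWN_SENDERS = {"bigmail.example"}   # assumption: large senders whose hops we know

BY_RE = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.I)
DKIM_RE = re.compile(r"\bdkim=pass\b[^;]*?\bheader\.d=([A-Za-z0-9.-]+)", re.I)

def verified_sender(msg):
    """DKIM-verified domain as reported by our own MTA, if it is a known sender."""
    for ar in msg.get_all("Authentication-Results", []):
        if ar.split(";", 1)[0].strip().lower() != OUR_MTA:
            continue  # fields naming another authserv-id may be injected
        m = DKIM_RE.search(ar)
        if m and m.group(1).lower() in KNOWN_SENDERS:
            return m.group(1).lower()
    return None

def classify_received(raw):
    """Label each Received: field, top first, as (by-host, verdict)."""
    msg = email.message_from_string(raw)
    sender = verified_sender(msg)
    verdicts, in_chain = [], True   # trust only an unbroken run from the top
    for field in msg.get_all("Received", []):
        m = BY_RE.search(field)
        by = m.group(1).lower() if m else ""
        ours = by == OUR_MTA
        theirs = bool(sender) and (by == sender or by.endswith("." + sender))
        in_chain = in_chain and (ours or theirs)
        verdicts.append((by, "trusted" if in_chain else "untrusted"))
    return verdicts

# Constructed sample messages (not real traffic).
VERIFIED = """\
Authentication-Results: mx.example.net; dkim=pass header.d=bigmail.example
Received: from out1.bigmail.example by mx.example.net; Mon, 30 Nov 2015 07:40:27 -0800
Received: from fe3.bigmail.example by out1.bigmail.example; Mon, 30 Nov 2015 07:40:20 -0800
Received: from unknown by relay.small.example; Mon, 30 Nov 2015 07:39:00 -0800
Received: from x by fe9.bigmail.example; Mon, 30 Nov 2015 07:38:00 -0800

body
"""
UNVERIFIED = VERIFIED.replace("dkim=pass", "dkim=fail")
```

With the DKIM pass, the first two hops are trusted and everything from the first foreign hop down is not, including a lower field that merely claims a bigmail.example host; without it, only the receiving MTA's own field is trusted.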