Has a spam reporting header been considered, similar to the
List-Unsubscribe header in RFC2369?
Yes, but I doubt it would be very useful.
The problem is that bad guys can add the same headers as good guys, so
it would likely be mostly used as a way to deflect complaints away
from the ISP to the spammer. There are web control panels that add
X-Anti-Abuse headers that I find mostly useful as a high scoring
indicator in Spamassassin.
You could envision some way to check and see if a reporting header was
valid, but if you do that, whatever authority you contacted to check
for validity could as easily provide the reporting address directly.
The vast majority of ARF reports are sent as part of privately
arranged feedback loops, where a sender tells a recipient what its
outgoing IPs or DKIM signatures are, and the recipient sends a report
when a user marks a message as spam. I also use ARF for unsolicited
reports, finding the contact address through a combination of
abuse.net and a modest (3000 entry) private list of IP ranges. That
works reasonably well, but I'm not sure how well it scales.
The question of how to figure out where to send abuse reports has
come up many times in the past. You might want to look through the
archives and the wiki.
Asrg mailing list