Murray S. Kucherawy wrote:
The collection you have is an aggregate of many sites. However, in
reality each site will have a different PCN.
Naturally. And we can select for the data for a specific site if
that's useful. But in terms of input for developing a standard,
even you must agree that an aggregate view is at least as important
as a local one.
But since you asked, selecting only for my own server, there are
11 domains in the top relaxed/relaxed senders list before we hit
the first obvious spammer. Those are responsible for 7301
relaxed/relaxed messages out of the 16581 total that server has seen,
or 44%. And there are lots of obviously legitimate senders below that,
but I wanted to keep this report simple. Even so, it still doesn't
concur with the apparent extremeness of your data, nor do I understand
why this is an interesting statistic.
I agree with the OP, the data implies the selection of relaxed was
done with forethought. After all, it is not the default.
One poster stated it might be lack of understanding or just the
appearance it is better or that the knob is too easy to set.
I stated one SWAG (Scientific Wide Ass Guess), based on what my PCN
(Personal Community Network) samplings are showing - private domains
tend to use the stronger C14N, spammers tend to use relaxed C14N.
That is not a generalization for everyone, although I do personally
believe its logical and probably representative of most systems with
the idea spammers are broadcasting their messages to more than one
receiver. i.e. I would expect all receivers to see the same data
results from mail sent by Long Horn Steak House, Red Lobster, Olive
Garden food coupon spammers (same organization, different domains).
Finally, it isn't really that extreme from your 44%; in my PCN, 64% of
the domains use relaxed/relaxed. Thats two PCN's - average 54%. But
your aggregate data shown in an early post, moves it higher; 81%
domains using body relaxed), 89% domains using header relaxed. Could
not see data for the relaxed/relaxed set but I will venture that group
I can only see two things worth noting:
- People are very conscious of deviating from the default,
- Observation that most spammers use the relaxed C14N
also from your aggregate data:
- failure/passage rate is nearly the same for simple vs relaxed.
Does it mean anything?
Well, it depends on one's perspective.
Does it change anything?
Probably not. The OP was probably making an indirect suggestion to
consider other C14Ns. But I don't known if that was the intent with
the subject "New canonicalizations."
Hector Santos, CTO
NOTE WELL: This list operates according to