ietf-asrg

Re: [Asrg] Spam detection system proposal

2003-03-05 08:24:38
From: "David F. Skoll" <dfs(_at_)roaringpenguin(_dot_)com>

What are the *detectable* differences between a spammer and a legitimate
mass mailer, assuming we can't read the minds of the recipients?

There are no such differences, detectable or not.  Setting aside
arguments about legal or AUP definitions, spam is fundamentally unwanted
bulk mail.  "Bulk" because isolated abuse is not a problem that needs
attention by the IETF/IRTF and "unwanted" because that's what it is.
Any "legitimate mass mailer" becomes a spammer simply by sending to
people who don't want the stuff.  A spammer becomes legitimate by not
sending to people who don't want the stuff.


] From: "David F. Skoll" <dfs(_at_)roaringpenguin(_dot_)com>

] > 1) a legitimate bulk emailer **should** conform to the general rules
] > regarding bulk email - there are around 8 or so headers that should
] > be added to bulk email.  However as a number of companies block
] > email that conforms to these rules as 'spam', legitimate bulk
] > emailers are no longer conforming. This means that purely from
] > message contents and headers it is difficult to tell the difference.
]
] Exactly. 

"Exactly"?  Who blocks messages simply because they have List-Unsubscribe
and similar headers such as those listed in RFC 2369?

]           Which is why we need a distributed detection system to detect
] spam runs, and I believe the percentage of bad recipient addresses in
] a given run is a pretty reliable measure.

I disagree, because many spammers work hard to remove bad addresses
from their target lists.  Other spammers don't, but still others work
hard to honor "unsubscribes" or "removes."  Generalizations such as
"all spammers have lots of bad addresses in their lists" are as wrong
as "all spammers use open relays" or "spam involves forged headers."

I think the only way to detect spam runs is to examine passing mail bodies
and look for those that are substantially identical and therefore bulk.
However, perhaps I'm biased because that is exactly what the DCC does.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
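
The approach named in the message above, counting bodies that are substantially identical, sketched as an added example; it is not part of the original message and is not DCC's algorithm. The shingle size, similarity threshold, bulk threshold, class and function names, and the sample mail are all constructed assumptions.

```python
import re

def shingles(body, k=4):
    """Set of k-word shingles after dropping URLs, addresses and digits."""
    text = re.sub(r"https?://\S+|\S+@\S+|\d+", " ", body.lower())
    words = re.findall(r"[a-z']+", text)
    if len(words) <= k:
        return frozenset([" ".join(words)])
    return frozenset(" ".join(words[i:i + k]) for i in range(len(words) - k + 1))

def jaccard(a, b):
    union = a | b
    return len(a & b) / len(union) if union else 1.0

class BulkCounter:
    """Groups near-identical bodies and counts distinct recipients per group."""
    def __init__(self, similarity=0.7, bulk_threshold=3):  # assumed thresholds
        self.similarity = similarity
        self.bulk_threshold = bulk_threshold
        self.clusters = []  # (representative shingle set, set of recipients)

    def _find(self, sig):
        for rep, recipients in self.clusters:
            if jaccard(rep, sig) >= self.similarity:
                return recipients
        return None

    def observe(self, recipient, body):
        """Record one delivery; return distinct recipients seen for this body."""
        sig = shingles(body)
        recipients = self._find(sig)
        if recipients is None:
            recipients = set()
            self.clusters.append((sig, recipients))
        recipients.add(recipient.lower())
        return len(recipients)

    def is_bulk(self, body):
        recipients = self._find(shingles(body))
        return recipients is not None and len(recipients) >= self.bulk_threshold

# Constructed sample mail: one personalised template sent to three people,
# plus one ordinary person-to-person message.
TEMPLATE = ("Dear {name}, you have been selected to receive a free vacation "
            "package. Click the link below to claim your prize before the "
            "offer expires. Reference number {ref}.")
PERSONAL = "Hi Dave, are we still meeting for lunch on Thursday? Let me know."
SAMPLE = [("alice@example.org", TEMPLATE.format(name="Alice", ref=48213)),
          ("bob@example.org", TEMPLATE.format(name="Bob", ref=90177)),
          ("carol@example.org", TEMPLATE.format(name="Carol", ref=5512)),
          ("dave@example.org", PERSONAL)]
```

The counter says only that a body is bulk; whether it is unwanted still has to come from the recipients, for example through a whitelist of the bulk sources they subscribed to.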