ietf-asrg

Re: [Asrg] Ban the bounce; improved challenge-response systems

2003-04-08 09:53:55

I think this thread has about run out, but I will comment on a couple of
items.

On Tue, 8 Apr 2003, Vernon Schryver wrote:


1% false positive rates are accepted only by people who don't really
care about mail.  People who make their living on the net do not
tolerate false positive rates significantly higher than the underlying
error rate of the mail system or 0.1%, whichever is higher.  (15 or
20 years ago the net lost 1% or more of all messages, but like the
telephone system 50-75 years ago, expectations changed.)


But a content based scanner can't DSN all its hits - most of the return
addresses are forged and many are of innocent third parties. So a
technique that makes sure the sender gets a notice (if the sender is
legitimate) without generating lots of notices to innocent third parties,
is an improvement over the current usual practice.

That assumes statements not in evidence and that I think are wrong:
  1. most return addresses of messages caught by spam filters are forged.

About half of spam in my inbox has a "hotmail" or "yahoo" return address. 
I wouldn't bounce a message to that address based on content, although
I realize that the address is unlikely to be active. 

  2. many are of innocent third parties.

I don't know how many are innocent third parties. I get a few bounces
every week as an innocent third party myself, but I don't know if that is
typical. It may reflect the fact that most content based scanners don't
bounce mail. 

  3. "content based spam detectors" must use bounces to indicate false
      positives instead of SMTP status codes.

I agree they don't have to. But none of the scanners presented at the MIT
spam conference could. I agree that it would be preferable to do so, but
many here argue that it is not practical for large sites. I don't mean to
agree with them, but to accommodate their beliefs, in the interest of
obtaining agreement.

The only scanner I know of with this characteristic is "Canit", whose
author/publisher is a contributor to this list. 


There is limited evidence to disprove #1 and #2, but #3 is obviously
wrong.  Many content based spam detectors operate during the SMTP
transaction and so do not themselves cause bounces.


They are to be praised. If I were King, I would allow only those scanners
to be used.

       
Restricting DSNs to the connecting host and its MXs is a reasonable
compromise along these lines. 

The problem with that notion is that it is impossible to define, not
to mention implement.  It makes no sense unless you assume more things
that at best have not been established:
  4. that SMTP clients (mail senders) are also SMTP servers (mail receivers)
  5. that relays are wrong or unneeded.

I understand that the connecting host may not wish to receive mail, and
ask only that it have an appropriate MX to receive mail on its behalf. If
you think that unreasonable, you should expand on why.



It is true that a few DSNs would not find their way to legitimate senders
but if senders find that a problem, in the fullness of time, their mail
administrators may find ways to accommodate them....

Waiting for the fullness of time for mail administrators to find a
solution to lost data is not a widely respected tactic for protocol
design, at least not in professional circles.

    .........

You are not listening. I am suggesting an alternative to dropping messages
on the floor. I am not advocating dropping messages on the floor. 





_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg


