ietf-asrg
[Top] [All Lists]

RE: [Asrg] Ban the bounce; improved challenge-response systems

2003-04-08 10:46:27

About half of spam in my inbox has a "hotmail" or "yahoo" 
return address. 
I wouldn't bounce a message to that address based on content, although
I realize that the address is unlikely to be active. 

That is the rough figure we see. Does any of that spam
actually come from that source though?


  2. many are of innocent third parties.

I don't know how many are innocent third parties. I get a few bounces
every week as an innocent third party myself, but I don't 
know if that is
typical. It may reflect the fact that most content based 
scanners don't
bounce mail. 

I get no bounces from content scanners, but I get a lot 
from the mail systems themselves trying to deliver to 
non-existent addresses.


  3. "content based spam detectors" must use bounces to 
indicate false
      positives instead of STMP status codes.

I agree they don't have to. But none of the scanners 
presented at the MIT spam conference could.

I don't think that is practical. Very few sites could afford 
to put in place the level of processing required to be able
to support their peak mail throughput. Being able to delay 
messages by up to five minutes cuts the processing requirements
to a tenth, or better.

What I would like to see though is a modification of the
way the bounces are reported. I would like to see a header
that specifies the SMTP status codes that would have been
returned. This then allows the client to process the bounce
in a sensible fashion from a UI standpoint.

My point is that the users should NEVER see signalling data.
There should not be a UI difference between messages handled
inband and those handled asynchronously.

        Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg