ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: draft-danisch-dns-rr-smtp-01.txt

2003-04-27 19:15:00
From: Scott Nelson <scott(_at_)spamwolf(_dot_)com>

...
Also, lots of domains map to the same IP, 
but there can be only one domain per rDNS.
(Well, actually there is a proposal for a way to have more than one,
but to the best of my knowledge there's little to no software support for it.)

Yet another way to compare envelope sender domain and SMTP client is
to require that one of the IP addresses in A or MX RRs for the sender
domain name is the same as IP address of the SMTP client.  This test
also yields a valid "not spam" answer most of the time, and suffers
from what I think is an intolerable false positive rate.  It is overall
the same as the other mechanisms that hope to determine whether a
given SMTP client is allowed to send mail for the envelope domain.


But all these methods fail IMO, because any technique that connects an 
IP to a domain has to make the assumption that email that originates 
...

Please don't confuse me with an advocate for any of these tactics.
In my view, all of the existing and proposed mechanisms have
  - false positive rates that are too high,
  - assume relationships among organzations, domain names, and IP
     addresses that always will be frequently and legitimately false,
  - assume that mail from strangers is undesirable
and/or
  - assume that it is easy to deploy new protocols.


...
I have the distinct impression that many contributors to this mailing
list see its purpose as making changes to SMTP desite nitpicking
considerations such as reducing spam.  

Then say that.  Don't get lazy and call me an ass for suggesting something
that's contrary to an RFC, call me an ass for being too lazy to explain 
why my change would make things better (or even if it would).
If you feel you must mention an RFC, then say something like;
"RFC2821 suggests that for a reason, and you haven't supplied a better one."

When did I call you an ass?  If you are saying that my mentioning
RFCs is insulting, then expect more insults.  I have no intention
of referring to RFCs less frequently.  I mention RFCs so that people
can see if I misunderstood or invented something and easily produce
corrections.

Footnotes and bibliographies, whether formal or not, cannot be insults
by their mere existence in a "research task force" mailing list.
Offering or asking for evidence or measurements to support claims is
never by itself insulting, off-topic, or mere negativity here.


...
The only nominal work items I'm aware of come from
...

There are at least 3 documents that have been mentioned as on the
road to becoming I-Ds.

In addition or even instead of those, I would like to see one or two
documents that define notions such as
  - what mail has implicit consent to be sent to a public mailbox
  - what constitutes explicit consent to receive additional mail and
     what doesn't ("opt-out," "double opt-out," "opt-in," "double opt-in,"
     "super duper practically impossible for an advertiser opt-in")
  - "spam," perhaps not using the S-word itself but some other such
      as "consent-violating" mail.

It would also be good to publish much of D.Crocker's recent essay.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>