ietf-asrg
[Top] [All Lists]

RE: [Asrg] seeking comments on new RMX article

2003-05-05 09:14:23
On Sunday, May 04, 2003 9:45 PM, Mike Rubel 
[SMTP:asrg(_at_)mikerubel(_dot_)org] wrote:
8<...>8
AD> Used properly, RMX doesn't prevent anything.  It simply allows the
AD> recipient MTA to make faster, better decisions about how to deal with
AD> the email.

SN> "used properly" aye - there's the rub.
SN> Draft-danisch-dns-rr-smtp-01.txt mentions that receiving servers
SN> are free to drop email that doesn't have an RMX record.
SN> That may be true, but IMO it isn't best practice.

Yes it may not be Best Practice, however that does not 'matter' for the 
specification it would matter on implementation (which is in this case is left 
to the discretion of the administrator and/or developer) or configuration.

Receivers are free to do anything they like with the email; I had pictured
RMX providing information to (for example) spamassassin.

That is a salient point and addresses one of the concerns with proposal 
requirement recently introduced:

On Sunday, May 04, 2003 12:26 PM, Alan DeKok 
[SMTP:aland(_at_)freeradius(_dot_)org] wrote:
  Based on recent discussions, I would suggest an update to the requirements:

1.  must minimize unwanted messages to some acceptable level
2.  must not affect delivery(latency, integrity, cost, reliability) of
    wanted messages to a point that would effect the normal use of email

  2a) must not require that any message be accepted or rejected

  Much of the discussion around anti-spam systems indicates that most
people think that anti-spam systems are "either-or" type of systems.
i.e. As a result of applying the system to the message, it is either
accepted or rejected.  I would like to discourage such thinking.

  Anti-spam systems should be designed to give the local administrator
more information with which to make accept/reject decisions.  The
systems themselves hould not require that the adminstrator do anything
with the message, as the action taken after deciding a message is spam
is entirely up to local site policy.

I agree with Alan's assessment and it appears to be addressed by the comments 
suggested.


SN> The questions I have are;
SN> What percentage of the people who use it will use it improperly?
SN> And what happens when it's used improperly?

If it's used improperly, then mail gets dropped--the same thing that
happens when the recipient's mail server or DNS is configured improperly,
or if its spam filter is too aggressive.  Users complain, and the system
gets fixed.

Exactly.

RMX is about the least-complicated (and therefore least error-prone)
solution to this problem that I've seen, though.  Do you know of other
solutions are less likely to be used improperly?

I tend to agree with that (as an incremental solution) e.g. forgery.

-e
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg