On Tue, 6 May 2003, Dave Crocker wrote:
What has not yet been explained is why anyone thinks it is critical to
prevent claims that email is coming from aol.com?
how will preventing spoofing reduce spam? (I am making a very large
stretch, here, and am assuming that folks actually have the goal of
reducing spam.)
it would help, for example, to see some sort of analysis that shows that
spoofed spam is somehow more dangerous than non-spoofed spam.
Assertion:
Being able to make spam appear to come from aol.com has
a positive value to spammers.
Proof:
They do it; if it had zero or negative value, they would not.
Possible reasons:
1. It makes the spam more difficult to block, since a lot of people
receive legitimate mail from AOL. This is another way of saying
that being able to forge AOL helps trick people into opening spam.
2. It dumps the backlash on AOL, instead of the spammers' domains.
Therefore, removing spammers' ability to spoof AOL deprives them of
something they value.
How large is the value? I don't know; ask the statistical filters, which
are more likely to reject email from some unknown domain than they are to
reject mail legitimately from aol.com. But I can tell you that the value
is larger than zero.
Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg