At 07:59 PM 7/7/2003 -0400, Yakov Shafranovich wrote:
At 07:23 PM 7/7/2003 -0400, Elric Pedder wrote:
<snip>
I don't believe you can stop false positives -- if only because
people will have widely varying opinions on what SPAM (to them)
is. It is, however, very dangerous to allow false positives
because if anything the perceived "reliability" of the Internet
becomes compromised.
I would recommend
"Any measure for stopping spam must ensure that all messages
either reach the intended recipient, or are returned to the
sender, or the sender notified."
How would this fit within the consent model? If a RECEIVER revokes consent
for a specific sender, then messages from that SENDER cannot be delivered?
Different RECEIVERS on the same system can have different policies. One
RECEIVER might reject the message (revoked consent), while another accepts
it (consent).
When the SENDER attempts to deliver the message to both recipients one will
be accepted during the SMTP conversation and the other would not be.
If the policy was not clear at the time of the SMTP conversation then other
mechanisms would be used to notify the SENDER that the message was rejected
by one or more recipients according to the applicable policies.
_M
PS: I do not necessarily agree that the SENDER must be notified in ALL
cases since there are forms of abuse that rely on this, however I would
agree that it would be a "best practice". It should be implemented as part
of any consent policy as an action to be taken when consent is
denied/revoked. Legitimate bulk senders would then also have a best
practice to automatically remove the RECEIVER from their list and
unsubscribe them if they received such a notice. In any case, making these
recommendations an indication of "best practice" would allow the
specifications to indicate _should_ rather than _must_ which makes more
sense for some implementations.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg