Eric S. Raymond wrote:
Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com>:
What about a spammer forging the header coming from the filter?
Policy issue. You may decide you only want to trust endorsements generated
locally, but the standard header would still be very useful even so.
Suppose for example, that I have a milter that extracts certain header
features indicative of forgery that would be invisible to an
exclusively token-oriented Bayesian filter. Then what I'd want the milter
to do is say this:
Filtered-By: forgerfinder-1(_dot_)0(_at_)thyrsus(_dot_)com:bogus-trace=yes;
Then the Bayesian filter would be able to "see" the forgery.
Forging these reputation headers would be a criminal offense under CAN-SPAM.
Would someone be willing to volunteer to write up an evaluation document
following the checklist in the end of the following draft (section 6.1):
http://www.ietf.org/internet-drafts/draft-crocker-spam-techconsider-02.txt
Yakov
-------
Yakov Shafranovich / PGP Key: 0x10D051E6 / www.shaftek.org
SolidMatrix Technologies, Inc. / www.solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my
tongue." (MIT's 404 Message)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg