I agree with John. Furthermore, I think it is a great idea and should be
pursued.
I use Eudora for my Windows mail client (so I don't suffer from all the
trojans that are so prolific with Outlook). When I try to forward spam to
the various abuse departments, Eudora almost always if it is HTML mail
succeeds in munging the original message sometimes making me wonder how
useful it is to the abuse department. (This is caused by the HTML being
loaded into Eudora and then being saved back out again -- as if it were
composed in Eudora and not in its original format.) I wouldn't be
surprised if this were not an isolated case as far as mail readers go. The
standard should ensure that the original spam is sent back to the abuse
department in its entirety including full headers obviously and not some
reconstruction by the mail client.
I think that Mime parts would be the way to go. Furthermore, I think a
standard reporting address should be specified. Most have settled on
abuse(_at_)domainname(_dot_)com but not all and it is only an informal standard at best.
If an ISP were able to in real time analyze the complaints, they could
compare the messages that were forwarded in the complaints against outgoing
mail streams and quickly isolate which user is sending the offending
messages. This could be done by any number of means the most obvious would
be some sort of Bayesian or vector space model filtering. In either case,
it would not be too difficult to automate to some degree relieving the
abuse department from much of the load.
-Art
--
Art Pollard
http://www.lextek.com/
Suppliers of High Performance Text Retrieval Engines.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg