ietf-asrg

Re: [Asrg] 0. General - Mailing list summary...

2004-02-19 06:30:40
Seth Breidbart <sethb(_at_)panix(_dot_)com> wrote:
> You mean, if someone can't tell the difference between non-spam and
> spam then he can't tell the difference between non-spam and spam?  How
> is that a useful observation?

  For one, many people don't get that.  See previous discussions I had
with you, where you claimed that forged mail sent on your behalf by a
news service was "legitimate".  When I responded that it was difficult
to impossible for the recipient to tell this, you re-iterated your
belief that the recipient should treat the message as legitimate, but
did not describe any method an MTA could use to make that decision.

  Many people have a blind spot, that the messages *they* believe to
be spam can be treated as spam by all MTA's, and the messages *they*
believe to be legitimate can be treated as legitimate by all
MTA's... just because they say so.  That's nice, but I'm interested in
things I can implement on the network.  Random messages on mailing
lists saying CNN is a "legitimate" source of mail are irrelevant.

> The recipient *may* decide _anything_.

  See the previous comment on blind spots.  Many people believe that
*their* criteria for distinguishing spam from non-spam is the *only*
criteria, and that everyone should use it, and nothing else.

  My position is that I have my personal beliefs, but I'm trying to
work with others to design a system where each recipient can make
their own decisions, based on their own policy.  Yet most of the time
I say that, I get responses like "Your criteria are wrong!  You're
trying to force everyone to use *your* system!  I don't like that.
Everyone should be forced to use *my* system!"

  As Spock says, "Fascinating."

> Going back to the original question of maybe-forged-From
> vs. known-not-forged-From, the former is much more likely to be spam;
> but most of my legitimate email is in the latter category, so treating
> it all as spam would be foolish.

  If you know it's not forged, then treating it as spam would be
idiotic.  I find it interesting that you're implying I've proposed
such idiocy.

  Once again: HOW do you know it's not spam?  If you can't find the
relevant information and use it in your MTA, then it can't make that
spam/non-spam decision.

  We can use the following information, for example:

  a) whitelisted IP's
  b) whitelisted domains (accept messages from any MX in that domain)
  c) whitelisted mailing lists (domain, and/or body to:)
  d) content filters
  e) etc.

  It's trivially obvious that if a "forged" message comes from a
whitelisted IP, then the recipient MAY choose to treat it as non-spam,
even though it appears to be forged.  In this case, the recipient has
information: the whitelist, which allows it to make the "non-spam"
determination.

  For other messages, which fall into the "swamp", where MAIL FROM
doesn't match a whitelist, source IP is not a recognizable MX, body
FROM doesn't correspond to MAIL FROM or rDNS of the source IP, then
there is often NO WAY to tell if that message is legitimate or not.
Sure, you can pass it through a content filter, but magic filters
aside, what content filter is perfect?

  At best, you've just spent a lot of CPU time and memory to do
content filtering, and then determined that the message, like 99.99%
of such messages, was spam.  What's your incentive now to keep
performing the content filtering?  What's your incentive to continue
accepting such forged messages?  What's your incentive to design a
system where people can more easily discover such forgeries?


  I've been a proponent of systems like RMX or LMAP, which allow
domains to publish information that gives a recipient sufficient
information to determine that a "forged" message from a roaming user
is, in fact, legitimate.  Such information is often impossible to find
on the network today.  I've been a proponent of such systems because I
want to KNOW that a message isn't spam.  I want to design a protocol
so that my MTA can make an informed decision that a message was
legitimate, just like you claim you want to do, too.

  And despite my public position being in *favour* of such systems, I
*still* get accused of wanting to forbid that behaviour.  I'm amazed
and appalled at the simple inability to read what I've written, and to
remember it from day to day.  I'm amazed that the people making such
accusations aren't proposing *any* way for an MTA to make those
decisions itself.  I'm amazed that they think that statements on
mailing lists about "legitimate" messages matter somehow to an MTA.
MTA's don't read mailing lists.

  To quote Spock again, "Fascinating."

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
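
Added example, not part of the original message or of any MTA's code: a sketch of the per-recipient decision the message describes, using whitelist items (a) and (b) and the "swamp" conditions. The whitelists, the MX and rDNS tables (stand-ins for DNS lookups), the function names, and the reading of "recognizable MX" as "an MX of the MAIL FROM domain" are all assumptions.

```python
import ipaddress
from email.utils import parseaddr

# Constructed policy data and a stand-in for DNS (all values are assumptions).
WHITELIST_NETS = [ipaddress.ip_network("192.0.2.0/28")]      # (a) whitelisted IPs
WHITELIST_DOMAINS = {"example.org"}                           # (b) whitelisted domains
MX_IPS = {"example.org": {"198.51.100.10"},                   # domain -> IPs of its MXes
          "example.net": {"203.0.113.5"}}
RDNS = {"198.51.100.10": "mx1.example.org",                   # source IP -> rDNS name
        "203.0.113.5": "mail.example.net"}

NON_SPAM_IP = "non-spam: whitelisted IP"
NON_SPAM_MX = "non-spam: MX of whitelisted domain"
SWAMP = "swamp: no information to decide"
LOCAL_POLICY = "undecided: apply content filter / local policy"


def domain_of(address):
    """Lower-cased domain part of an address such as 'Name <user@dom>'."""
    return parseaddr(address)[1].rpartition("@")[2].lower()


def classify(source_ip, mail_from, body_from):
    """Apply one recipient's policy to the three facts an MTA sees."""
    ip = ipaddress.ip_address(source_ip)
    env_dom, hdr_dom = domain_of(mail_from), domain_of(body_from)

    # (a) A whitelisted IP wins even when the From looks forged.
    if any(ip in net for net in WHITELIST_NETS):
        return NON_SPAM_IP

    # (b) Whitelisted domain: accept from any MX of that domain.
    is_mx = source_ip in MX_IPS.get(env_dom, ())
    if env_dom in WHITELIST_DOMAINS and is_mx:
        return NON_SPAM_MX

    # Swamp: not a recognizable MX, and body From matches neither
    # MAIL FROM nor the rDNS name of the source IP.
    rdns = RDNS.get(source_ip, "")
    from_matches = bool(hdr_dom) and (
        hdr_dom == env_dom or rdns == hdr_dom or rdns.endswith("." + hdr_dom))
    if not is_mx and not from_matches:
        return SWAMP
    return LOCAL_POLICY
```

A message that lands in LOCAL_POLICY is one where the MTA has some corroborating fact but no whitelist entry; published sender data of the RMX/LMAP kind would be a further lookup ahead of the swamp check.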