ietf-asrg
[Top] [All Lists]

Re: [Asrg] Please critique my anti-spam system

2005-01-08 11:27:51

No innocent user will ever get an erroneous bounce if a few of the
large consumer ISP adopt the system;
I must admit I find this statement utterly incomprehensible - or more
precisely, I find the idea that anyone of your obvious intelligence
could believe it utterly incomprehensible.  How will - how *could* - "a
few of the large consumer ISPs" adopting your system, or any other,
prevent a small site handling its own mail in, say, San Jose, from
sending an erroneous bounce to a user at a small site handling its own
mail in, say, Ottawa?

I was unclear.  What I meant was that it would be a simple matter for
and email provider to recognize a bounce sent via my system.

And for the gazillion of similar schemes, too? The examples on your web
site don't look like standard DSNs (you don't even say if the "bounces"
are sent with an empty envelope from or with 
<Autoresponder(_at_)domain(_dot_)com>
as the mail headers suggest), they look like free form text. Currently
everybody implementing your scheme is very likely to generate different
bounce messages - and from experience with handling bogus "a mail you
sent was blocked because of a virus" messages I can tell you that they
are not easy to recognize.


I did not specify it on my website, but I envision that the bounces would
have somekind of standard tag that would be used to identify it as a bounce.
This standard tag could be used by a gazillion other schemes that employ
bounces, but I am not aware of any other scheme utilizing bounces that
warrants mass adoption.

The email provider could then check to see if the recipient had
previously sent out an email to the supposed source of the bounce.  If
the recipient had not sent out this earlier email then the bounce that
is coming in must obviously be an erroneous bounce and it would then
be blocked.

The supposed source of the bounce is <Autoresponder(_at_)domain(_dot_)com>.
Assuming you mean the failed address, how does the MTA get that? Is it
supposed to parse the English sentence "The following message that you
sent to Joe(_at_)domain(_dot_)com was blocked ..." (and its Chinese 
translation)?
Please use at least an already standardized format for DSNs (sie RFC
3461) if you want at least a small chance that MTAs will behave as you
expect them to behave.


You are right.  Instead of saying Autoresponder(_at_)domain(_dot_)com it should 
say
Joe(_at_)domain(_dot_)com(_dot_)  I was trying to emphasize that it was an 
automated email
as opposed to a personally written email.  I will need to correct my website.
 
Michael Kaplan
-- 
_______________________________________________
Find what you are looking for with the Lycos Yellow Pages
http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.com/default.asp?SRC=lycos10


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg