ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Re: bounces, and anit-spam principles

2007-01-23 10:00:59
from [Dan Oetting] [Permanent Link] 

On Jan 22, 2007, at 11:25 PM, David Nicol wrote:


On 1/22/07, Dan Oetting <dan_oetting(_at_)qwest(_dot_)net> wrote:

That works if you don't mind taking the long route. I was thinking of
a more direct path of sending a specific response code in the SMTP
transaction. A really smart smarthost might be able to then fix the
problem before the site gets blacklisted.

-- Dan Oetting
I for one caught that drift. It wouldn't need to be its own ESMTP keyword, just some specific text following the 550 rejected on policy grounds. Perhaps 
the word "spam."
So, a conformant sending domain, on seeing a /^550 .+spam/i response, would 
do what exactly? Log the fact?  Page a sysadmin?
Just like most blacklists wouldn't list a site for a single email hitting a spamtrap, the host would not be expected to take action against a user for sending the single email unless there were extenuating circumstances. If the host is on probation or a gray list for currently spamming it may be necessary to throttle the user to prevent escalation to a blacklist.
You don't want to reveal the spamtrap address to the user. If the users account has been taken over by a spammer it could wash the address from its lists and then you loose that method of identifying the spamers next identity. These traps should not be used for blacklisting because if they are identified by the spammers they could be abused to generate false listings.
The spamtraps should only be revealed between cooperating ISPs. And each trap should only reveal itself to a fraction of the connecting hosts to keep from revealing all the traps to a rogue ISP that joins the group. The response code given to reveal the trap should be an accept code (2xx) so that the text is not passed to the user by default if the smarthost MTA is non-conforming. 

-- Dan Oetting
(sent to the list this time)

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Re: bounces, and anti-spam principles, gep2
Next by Date:  Re: [Asrg] Re: bounces, and anti-spam principles, gep2
Previous by Thread:  Re: [Asrg] Re: bounces, and anit-spam principles, Danny Angus
Next by Thread:  Re: [Asrg] Re: bounces, and anit-spam principles, Tony Finch
Indexes:  [Date] [Thread] [Top] [All Lists]