ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] FeedBack loops

2008-11-14 07:28:50
from [Ian Eiloart] [Permanent Link] 


--On 13 November 2008 18:42:03 -0800 Steve Atkins 
<steve(_at_)blighty(_dot_)com> wrote:



On Nov 13, 2008, at 6:31 PM, Barry Shein wrote:


But second, and this is the much larger problem: widespread
adoption of
this will almost instantly lead to its mass exploitation by spammers.


How? Maybe I lack imagination, but why is this any more of a problem
than spammers just sending unsub etc requests now?

One would hope the path between a customer clicking a spam complaint
button and the service provider is reasonably reliable. And the unsub
could be verified by the same sort of means it might be verified
today.  For example I might only execute an unsub from AOL if it came
either from a customer who was actually sub'd to the list or from
AOL's feedback loop MTA. I suppose an FBL could also set up some sort
of asymmetric key pair method at setup.

But maybe I'm missing something entirely.


I think so, yes.

The suggestion is that the sender of the email can suppress sending
a report via feedback loop by including an unsubscription link in the
headers of the mail.
Huh? How is that a problem. If the email is from a feedback loop provider, then it doesn't matter whether the "report" is a feedback loop report, or through use of the unsubscription link. Spammers will ignore either, but genuine list owners will - presumably - find it easier to process requests using the link that they've provided. 


One flaw with that is that this allows spammers to suppress feedback loop
reports. Consider the (usual) case where the recipient of the feedback
loop is not the author of the original email, rather they're a service
provider to the original author.
Then the feedback loop provider needs to use both mechanisms, and perhaps be able to indicate whether the unsubscribe mechanism was attempted. 


Cheers,
   Steve

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg




--
Ian Eiloart
IT Services, University of Sussex
x3148
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Email Postage (was Re: FeedBack loops), John Levine
Next by Date:  Re: [Asrg] FeedBack loops, Ian Eiloart
Previous by Thread:  Re: [Asrg] FeedBack loops, Steve Atkins
Next by Thread:  Re: [Asrg] FeedBack loops, Seth
Indexes:  [Date] [Thread] [Top] [All Lists]