ietf-asrg
[Top] [All Lists]

Re: [Asrg] where the message originated

2009-01-14 00:27:10
Gordon Peterson wrote:

First of all, ultimately the ONLY authority which TRULY determines FOR A 
FACT whether a given piece of e-mail is unwanted or not is the final 
recipient.

You're being awfully absolute in that statement.

RSK has outlined entities (other than the final recipient) who do.  That
of course you'd counter with "but they shouldn't".

So, I'm going to take a different tack - outlining why many should.  And
in some cases legally must.

As a corporate, our email infrastructure is for our business purposes.
While we do permit reasonable personal use, exposing our infrastructure,
IP or employees to risk of malicious content is simply not on.  It's our
infrastructure, for us, we need to protect it.

For any medium-large infrastructure, they can't _afford_ to let viruses
in.  Simply from the perspective of self-preservation and integrity of
their own networks.

Secondly, at least in a business context, there are laws about workplace
environment that _require_ us to filter certain things.

Other people enroute might conclude that something PROBABLY is spam, but 
they cannot be sure.

There are many cases where "people enroute" can be absolutely certain
it's spam.  Apropos my other posting: anything saying "HELO
list.mediresource.com" (except possibly from 209.82.15.228, it's other
SPF-permitted IP helos as tempmail.mediresource.com) is spam.  Their SPF
says so, and all of the emails contain bogus DKIM signatures.  We _know_
it's a bot.

There are many times you can tell, absolutely with no FPs, that an email
is sent by a BOT.

Certainly, if you're a, say, spam or virus researcher, you might want to
get your email flow raw.  Fine.  Just don't expect a commodity ISP to
accommodate you at commodity prices.  They simply can't afford the risk
to their infrastructure.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg