On Feb 5, 2010, at 9:18 AM, Chris Lewis wrote:
Steve Atkins wrote:
Also, if the failure mode is that the original sender of the email can cause
feedback loop reports to be sent to any email address they like there aren't
many real concerns.
You're assuming that only the UA would generate ARFs.
No.
I'm assuming that only the MUA would generate human triggered reports. (And
please don't refer to them as "ARFs" as that's... unhelpful.)
I can envisage a situation where BOTs caught at the front end MTAs could be
sent.
No.
If it's caught at the MTA, then the MTA operator will decide where to send the
reports.
MTAs doing it would be instant death on a forged target, even if the MTAs
hard rate limited (think backscatter bomb). It could also be instant death
on a non-forged target, but they're more likely to be able to handle it.
No, that cannot happen.
Then there's Joe Jobs. Not necessarily so much with source IPs, but with,
say, web site payloads getting falsely accused.
No. At worst that's exactly the same as the status quo.
In the approach I'm suggesting, the only time a report will be sent to the
email address embedded in the headers of the original email by the sender is
when
1. Neither the mailbox provider, nor any forwarder (e.g. acm.org) choose to
be aware of the protocol
and
2. The mail is delivered to the end recipients inbox
and
3. The recipients MUA is aware of the protocol
and
4. The end recipient manually marks the message as spam
If any of those four requirements is not fulfilled, then no report will be sent
to any email address embedded in the original message by the sender. If you're
going to argue about how this will cause problems, you need to do so in that
context.
Cheers,
Steve
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg