On Feb 8, 2010 at 15:31 +0100, Alessandro Vesely wrote:
=>On 08/Feb/10 07:28, John R. Levine wrote:
=>> Here's some scenarios in which I'm not sure what the best thing is to do.
=>>
=>> A) User has multiple incoming accounts, presses the spam button, and the
=>> outbound MSA doesn't match the incoming account. Hence the report goes
=>> via unrelated third parties that might snoop on it. Do we care? The user
=>> has said it's spam, after all.
=>
=>We care that reports get lost. However, picking the wrong MSA should at most
=>result in a suboptimal delivery path. Was the destination address correct?
Picking the wrong MSA could also result in lost reports. The "wrong"
MSA might have different filters/rules running on it (not having the ARF
reporting address white-listed/scan exception) which could cause the TiS
message to get rejected/quarantined/redirected/dropped and thus not
making it to the intended recipient (ARF reporting address).
Not really wanting to open another "deliverability" sub-thread or debate
the merits of SPF/DKIM, but.... IMO as more sites start to move to a
SPF -all, or sign their out-bound MSA messages with DKIM using the
"correct" MSA becomes more and more of a requirement if the user
(sender) wants their e-mail to get to the recipients. Using the correct
MSA is not just a TiS submitted via SUBMIT issue.
--
***********************************************************************
Derek Diget Office of Information Technology
Western Michigan University - Kalamazoo Michigan USA - www.wmich.edu/
***********************************************************************
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg