On 09/Feb/10 17:45, Steve Atkins wrote:
On Feb 9, 2010, at 8:32 AM, Alessandro Vesely wrote:
There's a whole theory of other ARF messages that may arrive at a domain's
abuse@ mailbox. A domain's user, or someone writing to a forwarded address of
that domain, writes a message that is reported as spam, either correctly or by
mistake. As part of an FBL or other trust-chain, the message comes back wrapped
in an ARF report at the apparently originating domain.
The mailbox is abuse(_at_)domain in both cases. Although it may seem desirable
to have different addresses for incoming and outgoing reports, I doubt such
distinction will ever be effective. Indeed, the forwarded case is ambiguous.
If you think that any part of this chain is involving mail sent to abuse@
anywhere your model of it is a long way from how I understand the situation.
The abuse-mailbox is an attribute in some whois db (e.g. RIPE). The
form abuse(_at_)domain is standardized by rfc 2142. Some people (e.g.
Abusix) may plan to send machine generated complaints at such addresses.
Besides that, I don't feel my model is much different than yours.
Rather there's one part of the chain that involves an end users MUA reporting a
TiS button hit to their mail provider in a machine readable manner. That may
well be done via SMTP, but if so it'll be to a dedicated email address (or set
of email addresses) used solely for that function.
I agree that's a possibility. I've proposed abuse(_at_)authserv-id, which
may or may not be simpler. I don't think it makes a big difference.
The other part of the chain involves feedback loops, which are sent in response
to the TiS hit. Pretty much all current ones are sent via SMTP, but not
typically to an abuse@ address (it's certainly not best practice to do it that
way). Again, they're intended for entirely automated handling and so are
machine readable.
Yes, but I've used abuse(_at_)tana(_dot_)it for the FBL(s) I've subscribed to.
Perhaps if I had a ponderous ARF traffic I'd be better off using a
different address. However, that would be more of a nuisance if then
I'd have to redirect there other ARF messages that somehow reach the
abuse mailbox instead of my dedicated address.
Both parts of the service involve solicited, machine readable messages sent
under a contractual agreement. That's very different from an abuse@ alias,
which is dominated by unsolicited messages that are not intended to be machine
readable.
Again, splitting the traffic may be convenient for heavy loads.
However, I just whitelisted my abuse@ address from spam filtering. The
moment I'll get a lot of ARF reports, it will be easy to add a
recipient-filter that processes incoming messages only if they are in
ARF format and leaves them in the current folder otherwise.
--
P.S. apologies for using the term /theory/ improperly in
There's a whole theory of other ARF messages[...]
above. I really meant "a whole lot of other ARF messages", but my
English didn't support me. There is no full blown theory yet, AFAIK.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg