Bart Schaefer wrote:
Just for comparison:
SpamAssassin defines what's called the Generic Test for Unsolicited Bulk
Email (GTUBE). It's defined as a string matching the regular expression
XJS\*C4JDBQADN1\.NSBN3\*2IDNEN\*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL\*C\.34X
appearing anywhere in the message body, after decoding and HTML rendering.
(I write the regular expression rather than the string itself so that any
of you running spamassassin won't score this message at 1000 points.)
Thanks! So a start has been made.
http://spamassassin.planetmirror.com/dist/t/data/spam/gtube.eml - a sample.
Matt Sergeant of SpamAssassin posted very relevantly to the ASRG about
GTUBE in March:
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg01527.html+gtube
There were a couple replies that are meritless from Vernon Schryver and
Kee Hinckley
A valid complaint was what about antispam systems that aren't content
filters?
Enhancement to my scheme to more fully address it:
A pseudo-open relay could be established (run by who?) that would
(attempt to) relay only Quizzic-compliant messages. It would be listed
in all blacklists. The From would be specified to be that of a
specified domain, which would go in all domain-based blacklists.
(anything(_at_)ADVQZWK(_dot_)com, as previously suggested).
It would not 2xx OK the SMTP DATA command, but rather send a 4xx/5xx
error (the same one it encountered) if the attempt to relay failed.
Matt posted this helpful reply:
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg01625.html
not realizing that there was a solution to his item 1 w/o spoofing.
Sounds like the effort is still needed and the need is there.