[Top] [All Lists]

Re: SMTP Transferred-By-Reference

2007-11-12 14:14:55

On Nov 12, 2007, at 8:34 AM, Tony Finch wrote:


When the SMTP client's reputation is unknown, an SMTP server is unlikely to Perm Error at the EHLO. Temp Errors at this point might be used to discern whether the SMTP client keeps state, as with greylisting. Temp errors might also be used to delay acceptance when a spam campaign is detected as being active at an SMTP client handling messages from both good and bad actors. TBR provides a safe alternative to greylisting and temporary holds. TBR makes makes an additional demand on recipient resources only in cases where the message source is actually trusted. However, for those sources, normal delivery can be used. When a message does get fetched, this additional burden of TBR still represents less than that required for other source identification schemes.

On Mon, 12 Nov 2007, John Leslie wrote:

Doug Otis and I have been working up a proposal for a SMTP extension to shift some of the burden of spam abatement away from the receiving SMTP servers towards the originator.

This critique does not apply for a few reasons. The sender is unable to lie about the message source, and determining the source will not cost the recipient additional resources. Accepting and then processing a 512 byte message results in fewer packet exchanges than would refusing 2 or more multi-KB messages. (At today's level of spam, this could be estimated +20 at +8 KB.) With TBR, the recipient is permitted to decide at anytime after receipt whether to perform a subsequent process (fetch or store and forward). The typical percentage of undesired versus desired email results in the added extension being far less resource intensive. TBR offers greater leeway in safely handling difficult cases.