[Top] [All Lists]

Re: SMTP Transferred-By-Reference

2007-11-13 13:30:21

Dave Crocker <dhc(_at_)dcrocker(_dot_)net> wrote:

The goal of the proposal is to permit deferred filtering analysis, or
at least reputation analysis.

   That is one of the goals.

As someone else noted, most of this work requires the message header
and/or content. That requires message transfer.

   Correct. I recognize that many folks will want to filter based on
content, even for messages from trustworthy sites.

The information that is transferred during the retained SMTP exchange
is minimally helpful, except for previous-hop IP Address.

   Please don't forget the URI and RFC2821MailFrom. These tell you the
originator, and even before you do reputation checks on them, you know
the originator can advertise DNS records and maintains a web-like
service and receives email. This is quite a bit beyond what you know
from the previous-hop IP address.

Everything else requires access to the actual message. This means
reaching across the net to get the message for inspection.

   Yes, there is a TCP setup time involved here. How responsive that
server is is presumably under the control of the originator.

The issue of hand-off responsibility is changed, but I have not heard
that asserted as a problem amidst anti-abuse efforts.

   You must be following different mailing lists than I do. I have seen
rather a bit of traffic about how to hold a SMTP connection open for
a longer time.

John Leslie <john(_at_)jlc(_dot_)net>