Sunday, Nov 29, 2015 11:28 PM John Levine wrote:
Yes. See the message you just replied to.
The experience you related sounds like hobbyist activity, no offense. I
can't see how what you described could possibly scale to anything a large
email provider would ever do, and indeed it's not something I would ever take
the trouble to do, even though my domain has exactly two users. If I get
spam, I delete it. I do not complain about it. I do not attempt to
understand where it originated.
Since the only header-field you can actually trust is the first one that
your own MTA adds, ...
No, that's not correct. See recent message.
I saw the recent message, and again, what you described is something that
I'm afraid again you're demonstrating that you really have no idea how this
stuff works at scale.
It is of course the case that Received: field analysis that depends on
knowledge of the domains involved doesn't scale to handle huge numbers of
domains. But that's irrelevant: Nobody cares about smalldomain.com's Received:
fields in this context, for any value of smalldomain.com.
The present day reality is that a significant fraction of mail originates
from a small number of domains. Those are the ones you care about. They're
the ones you care about, and since you can verify that mail actually came
from one of them through other means, you now have Received: fields you
can trust for a significant fraction of the mail you receive.
If that is your model for how header-field messages are used for validation, I
think what I said is actually more generally accurate.
Where on earth did you get the idea that Received: fields are used for
Do you seriously think that Google has special-case header parsing to deal
spam from Cornell students' infected computers? No, they just use machine
I have no idea what Google does, but I can assure you Received: field analysis
does play a role in spam filtering elsewhere. And even if it didn't, there's
more to mail operations than spam filtering.
ietf-smtp mailing list