On Tue, Dec 1, 2015 at 9:57 AM, Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
Second, good luck on getting anyone to comment on the details of their own
secret sauce, or for that matter getting anyone who has learned such details
through business relationships. All such information is pretty much
guaranteed to be covered by confidentiality or nondisclosure agreements.
Last year, when we had a discussion session at M3AAWG to discuss how
to effectively move from IP-based reputation toward a domain-based
reputation model, it was clear that there were two camps of thought:
1) Throw everything (all headers, all content) into a ML framework and
let the algorithms figure out what to pay attention to in order to
determine spam/not spam as well as a reputation accrual mechanism for
any authenticated domain entities associated with the message;
2) Cherry-pick particular attributes and features of a message, with
particular attention to some headers and come to some heuristic
determination of spam/not spam + reputation accrual.
People with big ML frameworks and expertise use every available piece
of information. If they are mailbox providers, they use it on behalf
of their customers. If they are state actors, they use it for their
own purposes.
It is unclear which would be more affected by redacting trace headers,
but in the interest of moving domain authentication forward to handle
indirect email flows, we are proposing an authenticated version of the
Received chain in https://tools.ietf.org/html/draft-andersen-arc-00
and https://tools.ietf.org/html/draft-jones-arc-usage-00. We think
that this will be a benefit rather than a detriment to the community.
--Kurt
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp