On Mon, Nov 30, 2015 at 04:46:14AM +0000, Ted Lemon wrote:
> The experience you related sounds like hobbyist activity, no offense.
> I can't see how what you described could possibly scale to anything a
> large email provider would ever do [...]

First, most extant "large email providers" are not exemplars of the
behavior that I think we should standardize/encourage. I *wish* they
were: prominent role models would be valuable assets. But they're not.

Second, no, it's NOT hobbyist activity, it's actually a very useful
technique for the overwhelming majority of operations...because the
overwhelming majority of operations, by a huge margin, are NOT "large
email providers". They're Joe's Shoe Factory and Bedrock University and
Mary's Construction. And both their inbound and outbound mail streams,
when subjected to appropriate analysis, exhibit a number of obvious
patterns. Knowledge of those patterns guides defensive strategies
(against spam, phishing, etc.) and yields systems that exhibit very low
FP and FN rates -- and are fairly resistant to gaming by attackers.

Third, disabling those techniques (by concealing information that they
rely on) makes the users of such sites LESS secure because it increases
their vulnerability to spam, phishing, etc.
ietf-smtp mailing list