On 12/01/2015 06:45 PM, Ted Lemon wrote:
> Tuesday, Dec 1, 2015 6:11 PM Chris Lewis wrote:
>> When your cat's litter box gets infected with, say, cutwail,
>> spewing gazillions of copies of randomized "come do X to my Y!"
>> exhortations, you're not giving the receiver (ML or ad-hoc) very
>> much to distinguish between that and your pearls of wisdom.
> Er, no, the cat box doesn't have my credentials nor know my email
> address, so it can't send spam from me. If it sends spam from
> someone other than me, the Received header field makes my
> /legitimate/ email look more like spam, because both the cat's spam
> and my legitimate email have the same IP address in the Received
> header field. In this case I /definitely/ don't want the Received
> header field.
Er yes, without the MSA-enforced IP address (or unique blob indicating
something similar) the filter can't necessarily tell whether your
legitimate email is different than the cat litter box. By omitting
the MSA's received line your legitimate mail becomes _less_
distinguishable from the flying litter ... the ML has more chance of
lumping both of youse into the same bucket and so your, er, email ends
up in the toilet too.
Even when everything is forged/forgeable (eg: regardless of whether
the MSA's headers are forged or decided to be trustworthy), the
uniformity of your Received/From tuples stands out in stark contrast
to the forged stuff (random or otherwise) to the ML - it gives the ML
more to "grab onto".
Now, with my piddly little mail server (which your steam punk mail
server doesn't seem to like BTW), the ML will rarely see enough signal
to do a proper analysis. But at scale, the ML often will.
ietf-smtp mailing list