Tuesday, Dec 1, 2015 2:20 PM Chris Lewis wrote:
If they don't care enough to make such information available, it's
likely that it's because they don't see the issue as being
sufficiently important, which is to say they don't think Received:
headers make enough difference to be worth arguing about.
That's not what it means at all.
For any such information to be even remotely meaningful, it has to be tested
on very large real environments.
Imagine, if you will, our approached our largest customers (which are
certainly big enough to matter in this context), and asked them to either:
- sacrifice filtering effectiveness for a week and tell us the
- re-instrument thousands of receiving MTAs to distinguish and report
on the differential based on a new indicator I provide
So that we could satisfy your curiousity, they'd laugh in our faces.
That is literally what I said. They don't care enough about satisfying my
curiosity to do the work. Perfectly understandable. If they thought that
the IETF producing a document recommending that the Received header field be
obfuscated were a serious problem, they would care enough to do the work--it's
really not that much work, and chances are they already have a test harness
that would allow them to do it.
I could tell you the differential in our instrumentation. But if you don't
accept my previous assertions, you won't accept this one either.
Again, this is literally what I asked for. I do not trust your assurances
that you speak from authority. IETF people are always trying to argue from
authority--if we held that against each other we would never get anything done.
I am very curious to hear your numbers, as long as you explain how you got
them. I don't mean explain your spam algorithm--I mean characterize your
sample, and explain why you think it's a good sample, and explain your
methodology: what you did to the sample for test A versus what you did for test
B. Interesting things to do for the test sample to differentiate it from the
control sample would be removing the last Received header field entirely (last
in sequence, meaning first added), modifying the From clause for example as
Stephen Farrell suggested, or simply deleting the From clause but keeping the
rest of the last Received header field.
BTW, turning off the Received header field testing for a week isn't a valid
methodology, since there's no way to control for the rather substantial
variation in amounts and types of spam from week to week.
In an ideal world, when everybody here was under NDA, I could give you some
of the obvious, compelling and overwhelming evidence.
I don't think you could. You've said enough things that don't actually make
sense at this point that I would really need you to show your work, not just
give me assurances like the following:
It's huge. Really.
Sent from Whiteout Mail - https://whiteout.io
My PGP key: https://keys.whiteout.io/mellon(_at_)fugue(_dot_)com
Description: PGP signature
ietf-smtp mailing list