The WG proposal seems to imply taking all IPs out. The discussion has
mostly been about submission.
It seems to me that there are at least three different IPs used, and some
of these are going to be visible regardless of intent.
Ie, there is the submission IPs, there are "internal" IPs, and external
Submission IPs seem like the largest level of risk, and from my gross
understanding of anti-spam, pretty minor. ...
If every mail provider had infrastructure and instrumentation as
sophisticated as Google's, that would be more or less true. But it's
going to be a long time until we get there.
Also, as other people have noted, you can learn a lot from cross
correlating what you see, e.g., I see a fair amount of spam from AUTH
attackers and it's useful to know where the bot is and see whether the
same bots are attacking multiple sites or categories of sites.
We certainly have stuff to talk about, but the tradeoffs are a vastly more
difficult and subtle than the WG's proponents appear to understand. Chris
Newman's counterproposal would be a good place to start.
ietf-smtp mailing list