-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In message
<55103b70-ca39-4694-92dc-07a17344d485(_at_)gulbrandsen(_dot_)priv(_dot_)no>,
Arnt Gulbrandsen <arnt(_at_)gulbrandsen(_dot_)priv(_dot_)no> writes
The real question is: would spam filters still be
able to do a good enough job if we removed these things?
There are two thresholds: The line above which enough information is
removed to effectively protect whatever is to be protected, and the line
above which best-in-class spam filters cannot effectively distinguish
between a blackhat trying to protect his identity and a whitehat doing the
same.
I can't see any argument that the two differ.
Spam filters do not seek to identify per se -- rather they assign
reputation to an identity, and the best in the class ones use everything
available to them in order to do that...
Where everyone (from some group or other) is given the same identity
then they will, of necessity, share the same reputation (which is a plus
for the black hats, and a minus for the white hats).
So the white hats will wish to be as identifiable as possible (in this
very narrow sense of not mixing their reputation with others) whereas
the black hats will wish to obscure the linkage between their previous
activity and what they are doing today.
Of course this mixing of reputation amongst a group of senders may not
be a long-term problem if someone is actively monitoring the membership
of the group and kicking out the bad guys.
Hence having the large providers (who all do some sort of proactive
monitoring for outgoing badness) do what they have done to obscure
submission IPs has had less of an impact (long-term) than if the small
providers (where monitoring is somewhat more variable) did the same.
However, the changes have not helped -- and it's meant that the extent
to which these large providers are responsive to out-of-band (and of
course very automated) feedback mechanisms matters rather more.
... and of course submission IPs were used for other things than just
spam filtering... fine grained loop control, ad hoc notification of
security issues, assistance in determining email provenance, triage of
crime reports etc.
- --
richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBVmmjhOINNVchEYfiEQLc0gCgkm+87cHMuC1nTG9bR7dknaGOvCwAoPmU
Syr7b4wF+Vt0+V9LFElF9w8B
=r+f/
-----END PGP SIGNATURE-----
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp