[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for something

2015-12-10 10:10:16
Hash: SHA1

In message 
Arnt Gulbrandsen <arnt(_at_)gulbrandsen(_dot_)priv(_dot_)no> writes

The real question is: would spam filters still be
able to do a good enough job if we removed these things?

There are two thresholds: The line above which enough information is 
removed to effectively protect whatever is to be protected, and the line 
above which best-in-class spam filters cannot effectively distinguish 
between a blackhat trying to protect his identity and a whitehat doing the 

I can't see any argument that the two differ.

Spam filters do not seek to identify per se -- rather they assign
reputation to an identity, and the best in the class ones use everything
available to them in order to do that...

Where everyone (from some group or other) is given the same identity
then they will, of necessity, share the same reputation (which is a plus
for the black hats, and a minus for the white hats).

So the white hats will wish to be as identifiable as possible (in this
very narrow sense of not mixing their reputation with others) whereas
the black hats will wish to obscure the linkage between their previous
activity and what they are doing today.

Of course this mixing of reputation amongst a group of senders may not
be a long-term problem if someone is actively monitoring the membership
of the group and kicking out the bad guys.

Hence having the large providers (who all do some sort of proactive
monitoring for outgoing badness) do what they have done to obscure
submission IPs has had less of an impact (long-term) than if the small
providers (where monitoring is somewhat more variable) did the same.

However, the changes have not helped -- and it's meant that the extent
to which these large providers are responsive to out-of-band (and of
course very automated) feedback mechanisms matters rather more.

... and of course submission IPs were used for other things than just
spam filtering... fine grained loop control, ad hoc notification of
security issues, assistance in determining email provenance, triage of
crime reports etc.

- -- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

Version: PGPsdk version 1.7.1


ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>