[Top] [All Lists]

Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

2020-09-27 15:09:18
On 9/27/2020 12:53 PM, Keith Moore wrote:
and spammers have made it impossible to give senders the benefit of the doubt. Given the prevalence and maliciousness of spam, much of which comes from compromised hosts whose nominal owners have no clue, if it doesn't look squeaky clean, it's probably malware.

Every time I see a statement like that that doesn't even consider the false positive rate, my bogometer pegs.   It's like the elephant in the room that nobody wants to talk about.

1. Since it wasn't trying to provide a comprehensive statement about all of the factors that go into the balancing act of real-world email filtering, your criticism for what it doesn't cover is claiming a failure to cover something that wasn't in scope.

2. You appear to be implying that folk running email services don't worry about false positives.  But I'll be that you know they must.

3. In fact in rooms where folk who do actual anti-abuse operations talk, they do talk about false positives.  (duh).

4. This ain't one of those rooms, since few of those folk are hear and that isn't the topic for this room.


Dave Crocker
Brandenburg InternetWorking

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>