-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
AccuSpam wrote:
> I am going to start a new thread, because IMHO this is too
> important for SPF's success.
>
> I am proposing that adding the option to specify the
> probability that a message could be a forgery would:
>
> "-all0.9993" which would mean 7 in 10,000 chance not a
> forgery, 9993 in 10,000 chance is a forgery.
>
> P(a @ b) = P(a) * P(b) / [P(a) * P(b) + (1 - P(a)) * (1 - P(b))]
>
> The derivation is:
> http://www.mathpages.com/home/kmath267.htm

Seems reasonable and well thought out. I have some things to add
(haven't read your citations in-depth)
FIRST: I'd suggest reversing the syntax - have the numbers be
replacements for the prefix. This allows for a simple extension of the
existing syntax.
Possible prefixes:

1(.0+)? - email from this chunk of the spf record is DEFINITELY AUTHORIZED (PASS)
0(.0+)? - email from this chunk of the spf record is DEFINITELY UNAUTHORIZED (FAIL)
0\.\d+ - email from this chunk of the spf record is POSSIBLY AUTHORIZED (UNKNOWN)

So + is a synonym for 1, - is a synonym for 0, ~ is a synonym for 0.5,
and ? is a synonym for 0.1 (for some value of 0.1).

So you could have things like:

    v=spf2 1mx 1a 0.85include:partner.example.com 0.5ptr 0.15all

If the include recursively returned (say) a result of 0.75, that would
be multiplied by the 0.85.
SECOND:
The probability of spam-ness depends not only on where it comes from,
but where it goes. Perhaps macros could be developed to take into
account things like:
Does the email cross continental boundaries?
Does the email go from a .biz to a .com?
Is the recipient an organization which is well-known to the sender? Or
vice versa? (That is, does
sender-dot-example-dot-com.whitelist._spf.recipient.example.com exist?
With a probability tied to it between zero and one?)
Matthew(_dot_)van(_dot_)Eerde(_at_)hbinc(_dot_)com
805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"
-----BEGIN PGP SIGNATURE-----
Comment: pub key http://matthew.vaneerde.com/pgp-public-key.asc
iD8DBQFBLNxJUQQr0VWaglwRAqpvAJ9jCJAefHoX8ZBAYQH4KrpXApkkPQCg5378
nEAHGNx+hrh6A/sFVauGZXs=
=6kWy
-----END PGP SIGNATURE-----
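
Added example, not part of the original message or of any SPF implementation: Python that parses the numeric-prefix syntax proposed above, scales an include result by multiplication as the reply describes, and applies the quoted combination formula. All function names are hypothetical, and treating a missing prefix as `+` is an assumption carried over from standard SPF.

```python
import re

# Legacy qualifiers mapped to the values suggested in the reply
# ("?" = 0.1 is the reply's own placeholder value).
SYNONYMS = {"+": 1.0, "-": 0.0, "~": 0.5, "?": 0.1}
# Prefix alternatives follow the reply's patterns, with the dot escaped.
TERM = re.compile(r"^(1(?:\.0+)?|0(?:\.\d+)?|[-+~?])?([a-z]\S*)$", re.I)

def parse_term(term):
    """Split one term into (probability_authorized, mechanism)."""
    m = TERM.match(term)
    if not m:
        raise ValueError(f"bad term: {term!r}")  # e.g. "1.5mx" is out of range
    prefix, mechanism = m.groups()
    if prefix is None:  # assumption: no prefix means "+", as in standard SPF
        return 1.0, mechanism
    if prefix in SYNONYMS:
        return SYNONYMS[prefix], mechanism
    return float(prefix), mechanism

def parse_record(record):
    """Parse a record in the proposed 'v=spf2' syntax into a list of terms."""
    version, *terms = record.split()
    if version != "v=spf2":
        raise ValueError(f"unexpected version tag: {version!r}")
    return [parse_term(t) for t in terms]

def verdict(p):
    """Map a probability to the three results named in the reply."""
    return "PASS" if p == 1.0 else "FAIL" if p == 0.0 else "UNKNOWN"

def scale_include(prefix_p, included_p):
    """An include's recursive result is multiplied by its own prefix."""
    return prefix_p * included_p

def combine(pa, pb):
    """P(a @ b) from the quoted formula; both inputs must measure the same
    thing (both 'forgery' or both 'authorized')."""
    num = pa * pb
    den = num + (1 - pa) * (1 - pb)
    if den == 0:  # one source is certain of 1, the other certain of 0
        raise ValueError("contradictory certainties cannot be combined")
    return num / den

if __name__ == "__main__":
    # Record taken from the reply above.
    rec = "v=spf2 1mx 1a 0.85include:partner.example.com 0.5ptr 0.15all"
    for p, mech in parse_record(rec):
        print(f"{mech:32} {p:<5} {verdict(p)}")
    print("include scaled:", scale_include(0.85, 0.75))
    print("combine(0.9, 0.9):", combine(0.9, 0.9))
```

The zero-denominator case is the one the formula leaves undefined: a term with prefix 1 combined with evidence of probability 0 has no meaningful result, so a checker has to decide explicitly which source wins.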