I'm trying to represent the concerns of others, not my own concerns, so I may
not be getting this exactly right.
I think the concerns are about systems which make use of the content while it is
still in transit, not when it has arrived at (the edge of) a destination
mailbox.
So virus and spam systems which inspect content as it arrives at its destination
can perhaps be seen as the 'agents' of the recipient. If the recipient does not
like what e.g. her ISP is doing to her messages, she knows who to talk to about
it.
What we were talking about was inspections / rejections which, in some
situations, could take place within the transport system, at MTAs having no
relationship whatsoever with the sender or the recipient.
It's in these within-transport situations that I believe some parties have
concerns about inspecting the message content and/or making message disposition
decisions without tracable authority from the sender or recipient.
Chris
----- Original Message -----
From: "guy" <pobox(_at_)watkins-home(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Wednesday, October 27, 2004 1:24 PM
Subject: RE: [spf-discuss] Sender ID in the news
Virus checkers and spam filters must "read" more than the headers.
A lot more!
Why is this not an issue?
Guy
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Chris
Haynes
Sent: Wednesday, October 27, 2004 6:04 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Sender ID in the news
"Seth Goodman" asked:
<skip>
I still have a question for Chris. As a forwarder, don't any of your
customers ask you to run SpamAssassin on their accounts? What I'm getting
at is do you really need some kind of permission to inspect headers in an
automated fashion in order to detect forgery? You're not recording
anything
that is not a forgery, so in what way are you violating privacy? The MTA
is
scouring the headers for lack of a match to indicate forgery, but the
machine sees every byte on the way through anyway. As long as no human
sees
the content of any email not addressed to them and the machine doesn't
record anything about non-forgeries, has there been any violation? Is
this
like if a tree falls in the forest and no one is there to hear it ...
Forgive me if these are foolish questions, but I've never been in the
forwarding business so I've never had to think about it.
Ah, I didn't respond the first time you asked, because I rather hoped a
Forwarder would leap in and answer.
I'm not a Forwarder, so I can't answer your question from any kind of
personal
experience.
In this forum, my role is as 'volunteer-architect'. I'm watching all the
issues
people raise and trying to distill and accommodate them.
In this area of 'opening and inspecting the message' I've noted several
posters
(Frank Ellermann amongst others) who have pointed out that some legal
juristictions (Germany? California?) appear to have concerns about these
practices.
I believe also that some US corporations have concerns about preserving
their
'common carrier' status.
I'n trying hard not to judge whether or not these concerns are valid, or
suggest
that we challenge or ignore them, but rather just see if there are any
relatively-easy ways of accommodating the concerns - hence my suggestion for
the
'implied sender authority'.
Hope this helps.
Chris Haynes
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com