On Tue, 30 Jan 2007, David MacQuigg wrote:
At 11:27 AM 1/30/2007 +0000, Julian Mehnle wrote:
Stuart D. Gathman wrote:
> On Mon, 29 Jan 2007, Julian Mehnle wrote:
> > This is an interesting insight into your personal reputation system.
> > Thank you!
> >
> > However, shouldn't a reputation atom be qualified by more than just
> > "SPF" or "neutral" ("neutral" _what_?)? I'd think you'd at least
> > require <scope/identity-type>, <method-of-authentication>,
> > <result-of-authentication>, e.g. "HELO", "SPF", "Pass"?
>
> You missed the previous post. The qualifiers are currently:
>
> if SPF pass:
>     domain:SPF
> elif bestguess:
>     domain:GUESS
> elif HELO SPF PASS or bestguess:
>     domain:HELO
> elif SPF neutral:
>     domain:neutral
> elif SPF softfail:
>     domain:softfail
> elif valid non-dynamic rDNS:
>     1.2.3.4:IP
> else:
>     REJECT the connection
No, I did NOT miss it.
What does "neutral" mean? Does it imply "SPF"?
> SPF means SPF pass.
Ah.
I rather think _you_ missed _my_ point. You _always_ need at least
<scope/identity-type> AND <method-of-authentication> AND
<result-of-authentication> as a qualification. In your design, each qualifier
name indicates only one item _explicitly_ ("foo") and _implies_ ("(bar)") the
others:
qualifier | scope   | auth-method     | auth-result
----------+---------+-----------------+------------
SPF       | (mfrom) | SPF             | (Pass)
GUESS     | (mfrom) | SPF-guess       | (Pass)
HELO      | helo    | (SPF/SPF-guess) | (Pass)
neutral   | (mfrom) | (SPF)           | Neutral
softfail  | (mfrom) | (SPF)           | SoftFail
IP        | ip-addr | (valid rDNS)    | (match)
Not exactly the most obvious naming scheme. :-)
There is no limit to the number of small bins we could sort these scores
into. On my system, I could specify the authentication methods and results,
the SpamAssassin score threshold at which we count the message as spam, the
version number and ruleset used in SpamAssassin, and even then the scores for
a domain will be dependent on the particular set of recipients we are
monitoring. I see a lot of spam from comcast.net. Stuart apparently doesn't
have any recipients with legitimate mail from comcast.
What we need from reputation services, if they want to be included in our
Registry, is a simple final score that can be used to rate a domain when they
first say HELO. What is the probability that if we accept a message from one
of their authorized transmitters, it will be spam? Maybe we should call this
their "HELO reputation" to distinguish it from other equally-valid ways of
measuring reputation.
Yes, you should.
So don't get too confused and mix up various identities as
I seem to remember from your previous proposals.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
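
The qualifier scheme discussed in this thread, rewritten so that every reputation key carries scope, authentication method and result explicitly. This is an added example, not code from any poster's system. The function and class names are hypothetical, the sample domains and addresses are constructed, and reading "HELO SPF PASS or bestguess" as a HELO-identity check is an assumption.

```python
from collections import defaultdict
from typing import NamedTuple, Optional

class ReputationKey(NamedTuple):
    identity: str  # domain name or IP address being scored
    scope: str     # "mfrom", "helo" or "ip-addr"
    method: str    # "SPF", "SPF-guess" or "valid-rDNS"
    result: str    # "Pass", "Neutral", "SoftFail" or "match"

def classify(mfrom_domain, helo_domain, ip, spf_mfrom="none", guess_mfrom=False,
             spf_helo="none", guess_helo=False, static_rdns=False) -> Optional[ReputationKey]:
    """Walk the decision list quoted in the thread; None means REJECT."""
    if spf_mfrom == "pass":
        return ReputationKey(mfrom_domain, "mfrom", "SPF", "Pass")
    if guess_mfrom:
        return ReputationKey(mfrom_domain, "mfrom", "SPF-guess", "Pass")
    if spf_helo == "pass":
        return ReputationKey(helo_domain, "helo", "SPF", "Pass")
    if guess_helo:
        return ReputationKey(helo_domain, "helo", "SPF-guess", "Pass")
    if spf_mfrom == "neutral":
        return ReputationKey(mfrom_domain, "mfrom", "SPF", "Neutral")
    if spf_mfrom == "softfail":
        return ReputationKey(mfrom_domain, "mfrom", "SPF", "SoftFail")
    if static_rdns:  # valid, non-dynamic reverse DNS
        return ReputationKey(ip, "ip-addr", "valid-rDNS", "match")
    return None

class ReputationStore:
    """Spam/total counters kept per full key, never per bare domain."""
    def __init__(self):
        self._counts = defaultdict(lambda: [0, 0])  # key -> [spam, total]

    def record(self, key: ReputationKey, is_spam: bool) -> None:
        self._counts[key][0] += int(is_spam)
        self._counts[key][1] += 1

    def spam_fraction(self, key: ReputationKey) -> Optional[float]:
        spam, total = self._counts.get(key, (0, 0))
        return spam / total if total else None

def demo() -> ReputationStore:
    # Constructed observations: (SPF result for MAIL FROM, was it spam?)
    store = ReputationStore()
    for spf, is_spam in [("pass", False), ("pass", False),
                         ("softfail", True), ("softfail", True), ("softfail", False)]:
        key = classify("example.com", "mx.example.com", "192.0.2.10", spf_mfrom=spf)
        store.record(key, is_spam)
    return store
```

With the constructed data, example.com accumulates two separate scores: one for mail that passed SPF and one for mail that soft-failed, so forged mail does not drag down the authenticated identity.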