On Sun, Dec 6, 2020 at 11:02 AM Michael Thomas <[email protected]> wrote:
> Based on the work I did at Cisco 15 years ago which essentially was a
> heuristic based form of those two drafts, I found that it worked for
> about 90 some percent. I unfortunately do not know what the nature of
> the remaining messages that could not be recovered (either I never did
> the analysis or don't remember). Things may have changed some since
> then, but that was what we got for the entire mail stream of a large
> company. Is that "good enough"? Or better yet, what is the definition of
> "good enough"?
>
A counter-argument I've heard often to the idea of reversible
transformations is that it can become a spam vector, no different than the
argument against "l=". For instance, if we start chopping off typical list
signatures ("delete everything at and after the lowest line containing only
hyphens"), then I can take a message from a good actor, tack a spam list
signature onto it, claim I'm an MLM, and it'll still pass with the author
domain signature when it gets delivered downstream, though the spam will
still be there.
Another is that it's not actually easy to describe all or even most of the
mutations an MLM might make to a message. (Mailman sent me the list of
changes they might make to a message. It's not a small list.)
Yet another is that two different MLMs might implement MIME-izing actions
ever so slightly differently, yet both results are fully compatible with
MIME and indistinguishable when rendered by most MUAs.
So in the limit, this comes down to defining a set of transformations
everyone agrees are allowed, and then all MLMs and filters implementing
exactly those and no more. There doesn't seem to be much of an appetite in
the community for this path.
-MSK
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
