On 12/6/20 9:30 PM, Murray S. Kucherawy wrote:
On Sun, Dec 6, 2020 at 9:24 PM Michael Thomas <[email protected]
<mailto:[email protected]>> wrote:
An idea that i've been rolling around in my head is that the MLM
could give a sed-like script to rollback the changes. since they
know their modifications, they can obviously express how to
unmodify them. it may have less issue with the mime hackery you
were thinking about.
You'd need a way to assert, and then evaluate, that something
equivalent to "s/.*/spam/g" is a transformation you're not willing to
reverse and say "yep, we're good." I don't know how you'd go about
automating that.
yes, definitely. but that's just as true of your draft. these are all
heuristics at some level to feed into some hypothetical filtering
machine to make sure there is no fuckery going on. such is the nature of
spam filtering. i think that is the part that is hard thing to swallow
from a standards standpoint and is what causes so much roiling. it's
hard for me to say if that's a good thing or a bad thing.
But as far as your point about spam vectors it is surely just as
true about ARC, right? at least with recovering the original text
i have the ability to remove all of the transforms and deliver the
original text. ARC not so much. it's all or nothing on the trust
front.
But I really think the key thing about all of this is figuring out
what defines success. That is the most important thing by far.
I think ARC, like PSD, is meant to run for a while and see what we've
learned from it. Maybe it's the silver bullet, or maybe it's
ineffective complexity. That should be part of the experiment's
definition; Section 11 of the ARC RFC does try to capture all of that.
As I've been harping on, we need to have an agreed on definition of
success. We know that 100% is not among them. What in the long tail
don't we care about?
Mike
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
