On 24 Feb 2008 01:44:49 -0000, John Levine <[EMAIL PROTECTED]> wrote:

> > The discarding of email is one of the key causes of some significant
> > loss of trust in email as a reliable means of communication.
>
> Since I invented the term "discardable" perhaps I should explain why I
> mean discardable when I say discardable.
>
> There is a common meme that discarding mail is always bad. But
> generating and delivering bogus mail is just as bad, because nobody
> can find the real mail in a mountain of spam. Every day I get
> feedback loop "spam" reports for what is clearly real mail from a real
> person sent to a real recipient. But the recipient's eyes glazed over
> at all the spam in the inbox, and they discard the real mail along
> with the spam. Keep that in mind.
>
> I'm not sure how many people here other than Mike Hammer and me have
> direct experience running a heavily phished domain, so here's a report
> from the trenches. I run abuse.net, a tiny little domain that manages
> a reporting address database. On a busy day there might be 100
> outbound messages with abuse.net return addresses, but due to some
> eastern European spammers with a strange sense of humor, every day I
> get 400,000 bounces, out of office, and other blowback. That's the
> reality of a phish target -- the fake mail vastly exceeds the real
> mail, by orders of magnitude. I don't know the absolute numbers for
> Paypal and the various banks, but I'm confident that they are in the
> same situation at even larger scale, way more fake than real mail.
>
> That's why when I say discardable, I really mean it. When I upgrade
> my MTA to sign all of abuse.net's mail, I will really want you to
> throw away unsigned mail. Not reject, not bounce, not send a DSN,
> just THROW IT AWAY. Even if you carefully do your filtering and
> reject at SMTP time, enough of the MTAs that see your reject will turn
> it into a bounce that I'll still be inundated with junk bounces for
> mail I didn't send.
>
> (Hmmn, large numbers of similar messages I didn't ask for and don't
> want. Don't we have a name for that?)

The alternatives aren't really any better, either. Bounce it. Bounce it
where? To the (99% chance of forged) return path?

From what I am led to believe, the vast majority of DKIM evaluation is
taking place after receipt, meaning the opportunity to reject during SMTP
is not available.

Regards,
Al Iverson

--
Al Iverson on Spam and Deliverability, see http://www.spamresource.com
News, stats, info, and commentary on blacklists: http://www.dnsbl.com
My personal website: http://www.aliverson.com -- Chicago, IL, USA
Remove "lists" from my email address to reach me faster and directly.

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
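A receiver-side sketch of the disposition rule this thread argues over, added here as an example and not code from either poster: it parses a sender policy in the ADSP TXT-record syntax later fixed in RFC 5617 ("dkim=unknown|all|discardable", published after this 2008 exchange) and maps unsigned mail under "discardable" to a silent drop, never a bounce or DSN. The Verdict fields and the quarantine step for "all" are assumptions of this example, not anything the posters specified.

```python
# Receiver-side handling of unsigned mail under an ADSP-style policy.
# Example code for this thread; the record syntax follows RFC 5617,
# the Verdict fields and the quarantine step are this example's own.
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    UNKNOWN = "unknown"          # domain signs some mail, says nothing about the rest
    ALL = "all"                  # domain signs all mail; unsigned mail is suspect
    DISCARDABLE = "discardable"  # domain asks that unsigned mail be discarded


class Disposition(Enum):
    DELIVER = "deliver"
    QUARANTINE = "quarantine"    # deliver, but into a spam/suspect folder
    DISCARD = "discard"          # accept and drop silently; never generate a DSN


@dataclass
class Verdict:
    author_domain: str           # domain of the From: header
    author_sig_valid: bool       # valid DKIM signature with d= equal to author_domain
    policy: Policy               # published policy of author_domain


def parse_adsp(txt: str) -> Policy:
    """Parse a _adsp._domainkey TXT value; a missing or malformed dkim= tag
    means no usable statement, so treat it as 'unknown'."""
    for tag in txt.split(";"):
        key, _, value = tag.strip().partition("=")
        if key.strip().lower() == "dkim":
            try:
                return Policy(value.strip().lower())
            except ValueError:
                return Policy.UNKNOWN
    return Policy.UNKNOWN


def dispose(v: Verdict) -> Disposition:
    """Decide what to do with a message given its author-domain signature
    result and the author domain's policy."""
    if v.author_sig_valid or v.policy is Policy.UNKNOWN:
        return Disposition.DELIVER
    if v.policy is Policy.ALL:
        return Disposition.QUARANTINE
    # DISCARDABLE: the domain owner has said unsigned mail is not theirs.
    # Bouncing would send a DSN to a return path that is almost certainly
    # forged (the phish target), and even an SMTP-time reject is turned
    # into a bounce by some upstream MTAs, so the only backscatter-free
    # choice is to drop the message without a word.
    return Disposition.DISCARD
```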
