On Wed, Sep 28, 2022 at 11:39 AM Dave Crocker <[email protected]> wrote:
> > On 9/19/2022 11:59 AM, Brandon Long wrote: > > > > On Sat, Sep 17, 2022 at 11:10 AM Dave Crocker via mailop < > [email protected]> wrote: > >> >> On 9/16/2022 7:35 PM, Brandon Long via mailop wrote: >> > > So, while AOL & Yahoo were the vanguard for mass consumer providers, the >> problems were already being experienced by many corporate domains before >> that, and even more since. >> >> The issue is not that the abuse was/is not real but that the method of >> responding to it was chosen in a manner that externalized the problem to >> innocent third-parties, breaking what they had been doing for 40 years. >> >> It would be good not to be cavalier about this, just because those >> experiencing the collateral damage are not our users. >> > Every spam false positive is collateral damage experienced by both the > sender and receiver. And every spam false negative is another nail in > email's coffin. Is that not also collateral damage to "not our users", > especially > since this thread is spawned from the oligopoly discussion as complaints > from small senders? > > Brandon, it is cavalier to start with cliches and stop with them. > Especially with cliches this generic. > > The imperfections of basic spam filtering technologies do not change email > semantics. Nor do they have a knock-on effect on services and uses that > have no contact with the platform running the filtering. > > Expanded use of DMARC creates both of these collateral damages. > > Aren't RBL's based on the power of collateral damage? > > That's a nicely cryptic reference. I have no immediate guess what you > mean. Please explain. > One of the powers of a blacklist, especially ones that activate with relatively low spam volume or for things like the old RFC compliant RBL, is to greatly increase the cost to a sender of being a spam source. There is full expectation from those RBL providers that there will be some amount of good email that is blocked, and doing so will force the sender to change behavior. > DMARC was not new in its externalization. Maybe the forced change to > semantics makes it different in some way, or who was hit was different, > sure. > > I believe that it /was/ new in its externalizations. Since you believe > otherwise, please provide details. > Isn't SPF failure essentially the same as DMARC, though just for the envelope? I guess envelope rewriting was a previously accepted semantic, but From header rewriting wasn't? Was having a policy of not accepting executable attachments a semantic change? Yes, I ignored the use of "semantic" in your argument and went directly to collateral damage, there's been plenty of collateral damage of spam and abuse. You're drawing some distinction on this particular one being different which I'm either failing to understand or failing to see how that distinction matters. To most email users, the change probably went unnoticed or was lost in the other minor perturbations of the constant change of their technical world. To most email admins, complying means frobbing a config on their software, the same way they learn and handle the myriad of other requirements of modern email sending best practices. Brandon
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
