On 03/Aug/11 15:33, Murray S. Kucherawy wrote: >> http://wiki.asrg.sp.am/wiki/Adding_a_junk_button_to_MUAs >> >> That still looks current. It allows MUAs to report in a variety of >> ways. For SMTP, it is obviously better to wrap the offending mail in >> an ARF message, but not mandatory. > > Just to be precise, I think JD is suggesting a BCP about how one > handles received abuse reports, not how they are generated.
Yes, a MUA that downloaded a message from pop3.example.com would send it back to some address of example.com. In the same way, some other mailbox provider receiving abuse reports from its customers, finds out that a reported message belongs to example.com (DKIM or SPF auth, or IP assigned to example.com), and sends the report to some other address of example.com. There are a number of ways to discover which addresses of example.com should be used in each case. This, IMHO, should be the main topic of the new BCP. > The point at issue is that one large service provider has decided > only to accept abuse mail if it's an ARF; free-form complaints are > no longer accepted. While RFC 2142 is the last option for a tool, it is the easiest one for sending an abuse report manually. Because ARF is most probably managed automatically, hand written reports that include meaningful free-text should never be ARF-wrapped, nor sent to ARF-addresses. Reporting-discovery has a re= for the relevant role account. It defaults to abuse@. I'd take JD's advice and write a draft addressing both topics above, but I cannot start that before September. _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
