On Feb 9, 2012, at 10:33 AM, Murray S. Kucherawy wrote:
>> -----Original Message-----
>> From: [email protected] [mailto:[email protected]] On Behalf Of
>> Steve Atkins
>> Sent: Thursday, February 09, 2012 10:29 AM
>> To: Message Abuse Report Format working group
>> Subject: Re: [marf] I-D Action: draft-ietf-marf-as-07.txt
>>
>> One common case is where the d= domain is that of the entity owning the
>> mailing list and generating the content, while outsourcing the delivery
>> of the mail to an ESP.
>>
>> In those cases (and it's a very common case) notifying anyone other
>> than the ESP is probably a waste of time, while notifying the ESP will
>> be extremely effective.
>>
>> I'm not sure whether we want to try and teach people what some decent
>> heuristics are, or just put in enough suggestions to mitigate the harm
>> done to others if they get it wrong, though.
>
> It seems to me we're starting down the road of cluttering the document with
> counter-examples if we add this.
>
> Can someone suggest some more generic text here about cases where reporting
> to the "d=" is a bad idea, hopefully in ways that the report generator can
> detect?
>
> If not, the two examples we have set the stage nicely, I think.
I think the examples are the problem. The implication they give is that
if the d= domain is a "real" domain, it's a good place to send reports
to.
It's a really minor issue, but I guess I should come up with some
alternate wording.
*** draft-ietf-marf-as-07.txt 2012-02-07 22:38:33.000000000 -0800
--- new.txt 2012-02-09 11:11:01.000000000 -0800
***************
*** 307,317 ****
6. Where an abusive message is signed using a domain-level
authentication technology such as DKIM ([RFC6376]) or SPF
([RFC4408]), the domain that has been verified by the
! authentication mechanism is likely a reasonable candidate for
! receiving feedback about the message. However, this is not
! universally true, since sometimes the domain thus verified
! exists only to distinguish one stream of mail from another (see
! Section 2.5 of [RFC6377]), and cannot actually receive email.
7. Recipients of unsolicited ARF reports SHOULD, in general, handle
them the same way as any other abuse reports. However, they MAY
take advantage of the standardized parts of the ARF format to
--- 307,318 ----
6. Where an abusive message is signed using a domain-level
authentication technology such as DKIM ([RFC6376]) or SPF
([RFC4408]), the domain that has been verified by the
! authentication mechanism is oftenlikely a reasonable candidate for
! receiving feedback about the message. For DKIM, though, while
! the authenticated domain has some responsibility for the mail
! sent it often will not be a good contact point for abuse issues
! (for example, it may be the author of the message rather than
! the sender or it may be a domain that doesn't accept email at all).
7. Recipients of unsolicited ARF reports SHOULD, in general, handle
them the same way as any other abuse reports. However, they MAY
take advantage of the standardized parts of the ARF format to
Cheers,
Steve
_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf
