On Tuesday 03 January 2017 at 12:11:35, Rob Gunther wrote:
> The other day I was thinking it would be cool if you could detect
> legitimate replies to mail I send.
> I came up with a concept called 'Authenticated Reply Detection'.
>
> It uses the Message-ID header to encode some information when a message
> goes out - no database or saving of Message-ID is required.
That seems like a neat idea, however it depends on you being in charge of the
original outbound mail server as well as the (possibly different) one
processing inbound mail and checking there for spam.
Given the increasing usage of Google-based business email services (and
others, similar), wouldn't that tend to prevent you being able to manipulate
the Message-ID header, because you are no longer in charge of the outbound
server used by senders on your domain?
> If/When a reply comes back the details from Message-ID come back in the
> 'In-Reply-To' header. If validated the message is guaranteed to be a reply
> to a message I sent, and spamassassin could adjust scoring accordingly.
I like the concept; sounds like it could work well for "traditional" self-
hosted email systems.
Regards,
Antony.
--
A user interface is like a joke.
If you have to explain it, it didn't work.
Please reply to the list;
please *don't* CC me.
