[mail-vet-discuss] Draft as of 9/4/2007
Michael Thomas
mike at mtcc.com
Sun Oct 14 11:54:12 PDT 2007
John L wrote:
>> Frankly I don't much care because on average I have no clue whether I
>> trust
>> where it's coming from. And if I trust where it's coming from, I
>> probably trust them to filter out the nonsense too, so it seems
>> rather pointless.
>
> There are some sites like that, and I can assure you there are
> forwarders I have to deal with that try to filter but do a really
> lousy job of it. They're the ones whose AR would be particularly
> useful. I'm not being hypothetical here, I'm dealing with this kind
> of mail every day.
So you'd trust their AR but not their antispam? Sounds like a corner
case to me.
>
>> The sufficiently inept users outnumber us millions to one.
>
> Indeed. So I presume you agree it is a waste of time to try to
> cripple specs to remove the parts that the inept might misuse?
> They'll misuse everything.
Tell me, do you pass viruses and phishing along to your users, or do you
filter them at the border? For all intents and purposes, an AR header across
an administrative domain might just as well be viewed as a phishing attempt
since it may well be trying to give a false sense of security to some
victim.
Frankly if this draft tries to tell admins that they shouldn't scrub
AR's at the
border it will just be ignored. So what's the point?
Mike
More information about the mail-vet-discuss
mailing list