On 24 Feb 2008 01:44:49 -0000, John Levine <[EMAIL PROTECTED]> wrote:

> > The discarding of email is one of the key causes of some significant
> > loss of trust in email as a reliable means of communication.
>
> Since I invented the term "discardable" perhaps I should explain why I
> mean discardable when I say discardable.
>
> There is a common meme that discarding mail is always bad.  But
> generating and delivering bogus mail is just as bad, because nobody
> can find the real mail in a mountain of spam.  Every day I get
> feedback loop "spam" reports for what is clearly real mail from a real
> person sent to a real recipient.  But the recipient's eyes glazed over
> at all the spam in the inbox, and they discard the real mail along
> with the spam.  Keep that in mind.
>
> I'm not sure how many people here other than Mike Hammer and me have
> direct experience running a heavily phished domain, so here's a report
> from the trenches.  I run abuse.net, a tiny little domain that manages
> a reporting address database.  On a busy day there might be 100
> outbound messages with abuse.net return addresses, but due to some
> eastern European spammers with a strange sense of humor, every day I
> get 400,000 bounces, out of office, and other blowback.  That's the
> reality of a phish target -- the fake mail vastly exceeds the real
> mail, by orders of magnitude.  I don't know the absolute numbers for
> Paypal and the various banks, but I'm confident that they are in the
> same situation at even larger scale, way more fake than real mail.
>
> That's why when I say discardable, I really mean it.  When I upgrade
> my MTA to sign all of abuse.net's mail, I will really want you to
> throw away unsigned mail.  Not reject, not bounce, not send a DSN,
> just THROW IT AWAY.  Even if you carefully do your filtering and
> reject at SMTP time, enough of the MTAs that see your reject will turn
> it into a bounce that I'll still be inundated with junk bounces for
> mail I didn't send.  (Hmmn, large numbers of similar messages I didn't
> ask for and don't want.  Don't we have a name for that?)
>
> I have some fairly effective heuristics to identify the bogus bounces,
> but they're not 100% accurate, which means that with all the noise, I
> lose some of my real bounces as well.  Who benefits from that?
>
> If you aren't in this situation, vastly more fake mail than real mail,
> discardable doesn't apply to you.  If you see the occasional bounce
> blowback, or even the occasional burst of a few hundred blowbacks,
> it still doesn't apply to you.  Really.
>
> I entirely agree that for normal mail, you should reject it if you
> don't deliver it so that the real person (or perhaps the real ESP) who
> sent it can do something useful with the info.  But this situation is
> different -- the bad mail is not from real senders, the forged sender
> is already acutely aware that there's a lot of forgery, and any
> response will just increase the noise.
>
> People do need guidance on discardable, but the guidance is pretty
> simple:
>
> A) If you're not sure whether discardable applies to you, it doesn't.
>
> B) If you're fairly sure that discardable applies to you, it still
> probably doesn't.
>
> C) If a heavily phished domain asks you to throw away the apparent
> forgeries, do the world a favor and take their advice.
>
> R's,
> John
>

John,

Standing O, loud thunderous applause and four finger whistles from me.
I get the feeling that those of us in the trenches get bulldozed over
sometimes.

Regards,
Damon
Experience: Postmaster of a few tiny domains ;-)
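Editor's added example (not part of the thread, and not anyone's production code): a receiver-side sketch of the distinction John draws above. Mail from a domain that publishes "discardable" and lacks a valid author-domain DKIM signature is silently dropped, while everything else is delivered or rejected normally so a real sender learns about it. The policy names unknown/all/discardable follow the ADSP vocabulary; the `min_ratio` cut-off in `should_publish_discardable` is an assumed illustration of "orders of magnitude", not a standard.

```python
# Added example: models the reject-vs-discard choice described in the thread.
# Policy names follow ADSP; the min_ratio threshold below is an assumption.
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    UNKNOWN = "unknown"          # domain makes no claim about signing its mail
    ALL = "all"                  # domain says it signs everything it sends
    DISCARDABLE = "discardable"  # heavily phished domain: drop unsigned mail


class Disposition(Enum):
    DELIVER = "deliver"
    REJECT = "reject"    # 5xx at SMTP time; an intermediate MTA may turn it into a bounce
    DISCARD = "discard"  # accept, then drop silently: no DSN, no bounce, no notice


@dataclass(frozen=True)
class Message:
    author_domain: str               # domain of the From: address
    signing_domains: frozenset[str]  # d= values of DKIM signatures that verified
    spammy: bool                     # verdict of the receiver's content filter


def author_signed(msg: Message) -> bool:
    """True when a verified DKIM signature covers the From: domain itself."""
    return msg.author_domain.lower() in {d.lower() for d in msg.signing_domains}


def dispose(msg: Message, policy: Policy) -> Disposition:
    """Decide what to do with one message given the author domain's policy."""
    if policy is Policy.DISCARDABLE and not author_signed(msg):
        # Apparent forgery of a phish target: any response only adds to the
        # blowback the real domain already drowns in, so "just THROW IT AWAY".
        return Disposition.DISCARD
    # Normal mail (or properly signed mail): rejecting lets a real sender or
    # ESP find out, which is what John agrees should happen outside this case.
    return Disposition.REJECT if msg.spammy else Disposition.DELIVER


def should_publish_discardable(real_outbound_per_day: int, blowback_per_day: int,
                               min_ratio: int = 1000) -> bool:
    """Guidance A-C: only when forged mail dwarfs real mail by orders of magnitude.

    min_ratio is an assumed cut-off; abuse.net's 100 real vs 400,000 forged is
    4000x, while an occasional burst of a few hundred blowbacks never qualifies.
    """
    return blowback_per_day >= min_ratio * max(real_outbound_per_day, 1)
```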
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html