On Jul 28, 2011, at 5:14 PM, zav961 wrote: > Of course, MARF also has its use in Outlook or similiar Mail Software where a > user can push a button to mark a mail spam, or not spam, and the sending ISP > (and/or filter provider) automatically gets informed upon that user > intervention. A fully manual MARF report would seem over the top however.
Using ARF for reports from MUAs has been discussed many times, but hasn't really ever been implemented (except for a Thunderbird plugin, years ago, now lost to history.) I'd love to see somebody try it, but until they do I don't think we can call it a common practice. > In the meantime all large ISPs started to introduce their virus filtering, > spam filtering became the norm, and the load overall reduced, especially > malware seemed to be a thing of the past. After the shut down of the Russian > Business Network our filter software did not catch a single malware for about > 2, maybe 3 years. However, we are again seeing malware mails increasing in > numbers and our filter probably catches a dozen or two every day again. So, > malware reporting is still necessary. In the last few weeks a few of our free > text malware reports bounced, one with a large ISP, who said in its bounce > message, that MARF is expected for abuse reports. That's basically the > trigger of why I checked the current definitions and started implementation > of MARF feedback-type virus into our utility until I realized the issues > (which resulted in the initial mail to you). Perhaps if you were to contact Yahoo!, they'd set up a trusted channel for your ARF reports where they'll be given a higher priority than random mail to abuse@. > Now, I guess, this would hamper introduction of MARF, especially before it > gets widely accepted, hence there should be a compromise which allows MARF > senders without such identification. MARF is already widely accepted. There are dozens of report generators and literally thousands of report consumers, nearly all following the use case described in draft-jdfalk-marf-as. That's part of why there's disagreement -- we don't want to change MARF in ways which would be incompatible with the established userbase. -- J.D. Falk the leading purveyor of industry counter-rhetoric solutions _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
