--- On Mon, 5/6/13, Les Mikesell <lesmikes...@gmail.com> wrote: > On Mon, May 6, 2013 at 2:37 PM, <kd6...@yahoo.com> wrote: > >>> > >> Do you agree that end user recipients should have the final decision > >> about message disposition? And that they probably do want forwarded > >> messages whether or not the forwarder handles them in a way you deem > >> appropriate? > > > > No, because some types of scanning and responses can > only be administered site-wide by the administrator (i.e. > the software configuration) which cannot be changed on a > per-user basis. Take for an example a message cross- > or multi-posted to many users (e.g. perhaps from a mailbox > dictionary attack): Individual users will be unaware > of its bulk nature and perhaps ONLY the bulk nature will > classify it as spam. > > So, you can pass your knowledge on to the recipient, leaving the > disposition up to them. For example, I think google is probably as > good as anyone at that sort of bulk-discovery, and yet I regularly > find things they've tossed in the spam folder that are not spam. Why > do you think you have less false positives then they do?
1) Not always. For example, with a dictionary attack, for most of the attempts, there will be no valid user to pass on such information, and it's pretty obvious that when such an attack does hit a valid mailbox, that recipient should NOT get malicious message at all. 2) Because I'm not a target of spammers like Google is. Passing on a message to the user means accepting responsibility for it, which in turn implies to the spammer that the mailbox was valid (and it usually is or is a spamtrap). Such messages cannot be rejected during the SMTP transaction (because one is accepting them to let the user determine its maliciousness). Under your theory, an MTA should pass on messages containing e-mail virii too, so the user can determine it (or get infected for the not-so-savvy users). This latter point I clearly disagree with. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
