Re: [dmarc-discuss] FBL via DMARC?
>> But see https://datatracker.ietf.org/doc/draft-levine-herkula-oneclick/ >Is this really a good idea? Spammers will add this new header as they added >List-Unsubscribe headers as well and you will kindly validate the spammed >email address if a user marks it as junk. There are much, much, easier ways to validate recipient addresses such as web bugs, which spammers could use if they cared, which they haven't for at least the past decade. Or for that matter, they could use the existing List-Unsubscribe, which has been around since 1998. We address this and other stuff in the Security Considerations section in the draft. R's, John PS: This really has nothing to do with DMARC. The discussions about this draft have been on the IETF dispatch mailing list. ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
Re: [dmarc-discuss] FBL via DMARC?
On 29.11.2016 19:06, John Levine via dmarc-discuss wrote: > But see https://datatracker.ietf.org/doc/draft-levine-herkula-oneclick/ > > This is likely to be an RFC soon, and is apparently already > implemented at some large webmail providers. You can put a new header > in your message which encourages recipient systems to do a one-click > non-interactive unsubscribe when someone reports the message as junk. Is this really a good idea? Spammers will add this new header as they added List-Unsubscribe headers as well and you will kindly validate the spammed email address if a user marks it as junk. Dunno, but sounds like bad idea... Juri ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
Re: [dmarc-discuss] FBL via DMARC?
At AOL we're doing this with a confirmation popup in clients we control and then sending a unsubscribe mail on behalf of the user when we find unsubscribe mailto links, and I know that some 3rd party clients also have started to implement unsubscribe logic (iOS 10 does so for example). I also know (and I think I'm allowed to say) we've been working on code to do the one click URL based unsubscribe as well. On Tue, Nov 29, 2016 at 8:51 PM, John R Levine via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > What would be great is if this RFC could have some language discussing >> having a confirmation dialog to prevent these accidental mistakes from >> happening. >> > > It does. It says that the whole point of this draft is to have a > non-interactive unsubscribe that mail systems can do in the background when > people report mail as spam. > > Mailers may not like it, but it's what recipient systems want, and what > they've told me they're going to do. > > > R's, > John > ___ > dmarc-discuss mailing list > dmarc-discuss@dmarc.org > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well > terms (http://www.dmarc.org/note_well.html) > -- PAUL ROCK Principal Software Engineer | AOL Mail P: 703-265-5734 | C: 703-980-8380 AIM: paulsrock 22070 Broderick Dr.| Dulles, VA | 20166-9305 ___ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
