[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 4. Consent Framework - General

To: ASRG list <asrg@ietf.org>
Subject: Re: [Asrg] 4. Consent Framework - General
From: waltdnes@waltdnes.org
Date: Sat, 30 Aug 2003 17:12:51 -0400
In-reply-to: <Law12-F733Fd1jmd8cv00010db4@hotmail.com>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <Law12-F733Fd1jmd8cv00010db4@hotmail.com>
Sender: asrg-admin@ietf.org
User-agent: Mutt/1.4i

On Fri, Aug 29, 2003 at 01:11:02PM -0600, John Fenley wrote
> From: "Bart Schaefer" <schaefer@brasslantern.com>
> 
> >How would Choicelist or a similar scheme handle mailing lists that use
> >VERPs?  Specifically those where the VERP token is regenerated at every
> >list delivery and hence differs even for the same recipient?  (I believe
> >Yahoo! Groups has this behavior, for example, though I haven't checked
> >recently.)
> 
> Just to clarify, were you talking about Variable Envelope Return Paths?
> That is a dilema. On the one hand that sort of dynamic address creation has 
> valid uses, but on the other hand that makes it impossible to verify each 
> address (a requirement for creation of a choicelist entry).
> 
> In this sort of special case it may be necisary to add a Choicelist header 
> pointing an entry with a wildcard description of the sending addresses that 
> will be used (without a header address based lookup might fail), as well as 
> a mandatory authentication mechanism (without authentication a header would 
> allow anyone to specify unsecured ids). Then there would have to be some 
> sort of proof that the person creating the entry was authorised to use all 
> of those addresses.

  I use an ISP whose blocking occurs after RCPT:, but before DATA:.
This precludes the use of X-Headers.  I whitelist the rDNS of the
sending MTA.  For instance, I subscribe to a Yahoo mailing list.  The
line...

PIACCEPTTAIL grp.scd.yahoo.com

in my ruleset accepts email from machines whose rDNS ends in the string
grp.scd.yahoo.com

-- 
Walter Dnes <waltdnes@waltdnes.org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

References:
- Re: [Asrg] 4. Consent Framework - General
  - From: John Fenley

Prev by Date: Re: [Asrg] 0. General - Administrative - for M. Wild
Next by Date: Re: 7. BCP - Mail Administrators: Checking HELO (was:[Asrg] 0. General - Administrative - for M. Wild)
Previous by thread: Re: [Asrg] 4. Consent Framework - General
Next by thread: Re: [Asrg] 2.a.1 Analysis of Actual Spam Data - next steps (reflection)
Index(es):
- Date
- Thread