Re: [Asrg] Sender ID again, was Anti-spam laws do work

[John Levine <asrg at johnlevine.com>]

> Well, how does the current version of DCC that only works on unique
> messages work so well?

DCC does a great job of detecting bulk spam.  It does an equally good
job of detecting non-spam bulk mail, which means that if you use it to
block mail, you'll lose a great deal of wanted mail unless you also do
a lot of manual whitelisting.  I use DCC, and I maintain a whitelist,
and it works for me, but it's not easy nor automatic to do so.  Vern
has always made it crystal clear what DCC is and isn't, and made it
equally clear that if you want to get mailing list mail, you have to
whitelist it.

> If I can get a DCC that will identify abusive SenderID domains, that
> would be awesome.

I find it baffling that you see DCC and Sender-ID as in any way
similar other than that they both can be used to filter spam, for
varying definitions of "spam" (and, I suppose, that they both have
huge false positive rates.)  DCC makes hashes based on message
contents, without regard to the message source.  Sender-ID only looks
at the message source, without regard to message contents.  They're
about as dissimilar as two mail filtering approaches can be.

If your only goal is to block spam and you don't care about losing
other mail in the process, I can block 100% of your spam permanently
using only a pair of wire cutters.  If your goal is to block spam
while delivering the real mail, the problem is much more difficult,
and Sender-ID is at best only a mild help and at worst a
counterproductive and time-wasting diversion from useful work.

Regards,
John Levine, johnl at taugh.com, Taughannock Networks, Trumansburg NY
http://www.taugh.com


_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg