[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] FeedBack loops

To: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Subject: Re: [Asrg] FeedBack loops
From: Barry Shein <bzs at world.std.com>
Date: Thu, 13 Nov 2008 21:31:05 -0500
Delivered-to: ietfarch-asrg-web-archive at core3.amsl.com
Delivered-to: asrg at core3.amsl.com
In-reply-to: <20081114015232.GA20845 at gsp.org>
List-archive: <http://www.irtf.org/pipermail/asrg>
List-help: <mailto:asrg-request@irtf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-post: <mailto:asrg@irtf.org>
List-subscribe: <https://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
List-unsubscribe: <https://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
References: <C541E82A.9C0E%jdfalk at returnpath.net> <14353002.1031226613733530.JavaMail.franck at franck-martins-macbook-pro.local> <20081114015232.GA20845 at gsp.org>
Reply-to: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Sender: asrg-bounces at irtf.org

On November 13, 2008 at 20:52 rsk at gsp.org (Rich Kulawiec) wrote:
 > On Fri, Nov 14, 2008 at 10:02:14AM +1200, Franck Martin wrote:
 > > We were talking about: "when the user click spam, the system does not send a spam report but an unsubscribe if the mail contains the right headers and the unsubscribe is successful" 
 > 
 > First, there's no way for the web interface to know if the unsubscription
 > request was successful -- presuming that it's submitted via the address
 > specified in the RFC 2369 headers.

Is that important? Any unsubscription confirmation email should go
back to the subscriber.

 > But second, and this is the much larger problem: widespread adoption of
 > this will almost instantly lead to its mass exploitation by spammers.

How? Maybe I lack imagination, but why is this any more of a problem
than spammers just sending unsub etc requests now?

One would hope the path between a customer clicking a spam complaint
button and the service provider is reasonably reliable. And the unsub
could be verified by the same sort of means it might be verified
today.  For example I might only execute an unsub from AOL if it came
either from a customer who was actually sub'd to the list or from
AOL's feedback loop MTA. I suppose an FBL could also set up some sort
of asymmetric key pair method at setup.

But maybe I'm missing something entirely.

-- 
        -Barry Shein

The World              | bzs at TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Login: Nationwide
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*
_______________________________________________
Asrg mailing list
Asrg at irtf.org
https://www.irtf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] FeedBack loops
  - From: Rich Kulawiec
- Re: [Asrg] FeedBack loops
  - From: Steve Atkins

References:
- Re: [Asrg] FeedBack loops
  - From: J.D. Falk
- Re: [Asrg] FeedBack loops
  - From: Franck Martin
- Re: [Asrg] FeedBack loops
  - From: Rich Kulawiec

Prev by Date: Re: [Asrg] FeedBack loops
Next by Date: Re: [Asrg] FeedBack loops
Previous by thread: Re: [Asrg] FeedBack loops
Next by thread: Re: [Asrg] FeedBack loops
Index(es):
- Date
- Thread