On 9/1/23 3:32 AM, Laura Atkins wrote:
You don’t know that they don’t do spamfiltering on outbound messages.
You don’t see what they catch and don’t send. What you do see is when
that spam filtering fails.
I do know that a small number of operators don't do any outbound spam
filtering because it has come up in conversations comparing systems /
configurations.
Many ESPs are doing that, and doing blocklist checking on URLs.
I'm glad for the ESP's efforts.
I wish more people would do so.
But all it takes is for one message to slip through and amplified.
I'm not talking about the false positives / false negatives.
I'm talking about the lack of any outbound filtering period. Not what
slips through said filtering.
I don’t understand how this is going to address the problem.
It won't solve the problem. No single thing will solve the problem.
But it's another simple test that can be done between the MSA and the
MTA to reject things early in the flow.
As Bron said: the inbound system has a lot more information about the
mail than the outbound system.
Having more or less information doesn't have anything to do with acting
on the information that you do have, especially if it's verifiable and
reliable.
I’ll also point out that if it’s one-to-one or one-to-few there
are legitimate reasons to send spam. Say, mail to an abuse address
reporting spam. I’m sure we can agree that MTAs shouldn’t be
blocking abuse reports, yes? What you’re asking for means a lot of
spam reports will be blocked (or incomplete).
I'm trusting that's not a "but think of the children" knee jerk response
along the lines of "we can't filter outbound spam because we want to not
block spam reports."
There's reasonable basic filtering and then there's deep filtering.
I'm sure that we all know what we need to do t in order to get spam
reports through our respective systems.
1) Try forwarding spam as a message/rfc822 attachment.
2) Try forwarding spam headers as a text/rfc822-headers attachment.
3) Try putting #1 in a zip file.
4) Try putting #2 in a zip file.
5) Try password protecting #3.
6) Try password protecting #4.
...
n) Ask your postmaster how you are supposed to report spam.
I maintain that basic spam and virus filtering should be done on
outbound email.
You’re asserting there are no basic checks being done. Do you have any
evidence other than sometimes mail evades the outbound filters?
I have had conversations with multiple small email operators over the
years that have told me that they only do any spam and virus filtering
on inbound email and that they do not do any such filtering on outbound
email.
--
Grant. . . .
unix || die
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
