John D. Hardin wrote: > But if the stated purpose of the BL is "this domain does not have a > working postmaster address" then it's unreasonable to ask them to > exclude a domain that does not have a working postmaster address, no > matter how large or popular that domain is.
My concern is the score attached to those rules by SpamAssassin. The purpose of SpamAssassin is to detect spam with as few false positives as possible. Attaching a score of 3.2 to every outgoing mail from yahoo.com is, counterproductive. I would even go so far as to claim that those rules are adding more spam points to ham mail than any other rule. The purpose of SpamAssassin is not to punish domains without working postmaster addresses. It is not to act as RFC cops. It is to detect spam. Let's not lose sight of the goal because some BL list has gone on a crusade to police compliance to RFC's that have lost relevance. As far as SpamAssassin is concerned, the rule is only to detect spam, and if that is the case, then size and popularity of the domain does matter - the ham to spam ratio from that domain matters, and the volume of false positives definitely matters. Note to all: the rule is broken. If costs associated with spam, malware, and flooding continue to rise, more ISPs are going to make people jump through a few hoops to contact them. The days where we all have direct postmaster and abuse "hotlines" are over. 911 lines are constrained to have real people answer the phone. Because of that, there are laws in most jurisdictions that criminalize abuse of that line. RFC-ignorant is attempting to constrain domains to, in essence, have real people vet all mail that goes through to them. There are no laws that protect an abuse@ address any more than any other address, so there is a discontinuity between what is expected of domains and how they are themselves protected from abuse.
