Autor: Marc Sherman Datum: To: Marilyn Davis, exim-users CC: Betreff: Re: [exim] Heads up?
[Please keep this thread on the list, Marilyn.]
Marilyn Davis wrote: >
> The Reply-To: C/R's are broken anyway. I was thinking of embedding a
> url in the error message.
Ok. What you're proposing is radically different enough from all
existing C/R systems that it's not really the same thing; you should be
more explicit next time that you're proposing something so different.
That's why Fred and I got so confused.
As I mentioned earlier, I really don't think it'll work.
> Yeh. I suppose. But the people who received messages from my system
> that their mail was suspected spam did read them, and had their
> feelings hurt. It would certainly be better to offer a URL to get
> their mail through than to just reject them.
Well, you probably should tune your filters, then. My site, for
example, uses spam assassin. I filter at a score of 4, auto-learn at
12, but only reject at 20; anything between 4 and 12 ends up in a spam
bin read by a human. The highest false positive ever reported so far
had a score of 8, so there's plenty of margin of error between 8 and 20.
> But then, can't we use bounce_message_file to customize the message
> so that it is as friendly as a regular challenge?
No, because if you're responding with a 5xx to reject the message, you
don't generate any bounce; the _only_ text you get to specify is in the
5xx reason string. If a bounce is generated, it will be generated by
the originating MTA.
> But the sender doesn't see the delay necessarily -- am I right? And
> the message just gets sent again.
Yes, graylisting is fully automatic. I don't like it myself, either; I
was just trying to figure out what you were proposing.
> Yes but, my understanding is that the callout makes a new smtp
> connection to the address' host. Now, if the address was spoofed in
> the first place, isn't it true that we've only verified the
> existence of the address, not that the mail came from the address?
> And then we've only verified that the challenge will go to a victim.
Well, my point when bringing up callouts was that of the three cases
that traditional (reply-based) C/R presented, 2 were annoying and only 1
was effective, and callouts were _just_ as effective without the 2
annoying cases. I was _not_ proposing callouts + c/r together, but
rather callouts instead of c/r.
Your 550-based challenge system, on the other hand, would send the
challenge to the right person, but obfuscated in a way that I'm
convinced would be too difficult for most people to respond to. If you
used it, you'd likely lose much legitimate mail, both from confused
clueless users, and from grumpy clueful users. If, for example, you
were using this system when you contacted me for help on the exim
mailing list, and I couldn't reach you without reading a cryptic bounce
message and clicking on an embedded URL, I'd just curse, assume you
didn't really want my help all that badly after all, and delete your
message. That sentiment is quite common on many technical lists.
Perhaps it's because C/R has such a bad reputation for collateral spam,
and perhaps it's unfair of me to paint your 550-based system with the
same brush, but there it is.
> Thanks for straightening me out on this. My brains are feeling like
> spaghetti here.
My pleasure. It's refreshing to see a broken system being proposed by
someone who's interested in learning why it's broken, for a change. :)