[Asrg] Re: Receiver Initiated Authentication
Michael Kaplan
michaelkaplanasrg at gmail.com
Mon Sep 17 23:32:58 EDT 2007
On 9/17/07, SM <sm at resistor.net> wrote:
>
> At 13:30 17-09-2007, Michael Kaplan wrote:
> >I argue that this is an excellent way to use bounces (even if a
> >small number are misdirected). I'm not sure what "unreliable" refers to
>
> More sites may block bounces or drop them in the bit bucket.
Section 9.3 calculates how RIA, when adopted by 50% of the global
population, will on average increase 'spam' sent to innocent users by 0.2%.
Unlike with real spam BATV can perfectly block this 0.2% increase in spam
received. I doubt that RIA will be the straw that breaks the back of the
bounce system.
>Section 5.2 outlines how surprisingly simple it is to distribute
> >Auto-Resend to most of the population, and the last bullet point of
> >section 11 details how unnecessary Auto-Resend is. A routine
> >Windows Update patch would take care of most of the Outlooks out there.
>
> That's assuming that the operating system is still supported and
> installs the updates. There are a lot of legacy systems out
> there. I won't ask who is going to pay for all this.
Perfect adoption of Auto-Resend is impossible; fortunately it is not
needed. Auto-Resend only enhances transparency. Remember, if your email
domain (your domain doesn't have an SPF record) uses a single MTA then only
a single person using that domain will need to manually resend a single
bounce; every future non-forwarded email sent by anyone in that domain will
be authenticated. Auto-Resend is a good feature, but RIA will remain almost
completely invisible to users even without Auto-Resend.
Who will pay for it? I expect that the client and server software
developers will take it upon themselves to incorporate Auto-Resend as a
routine feature. It is a one-time software upgrade. It is not like a
statistical filter that requires constant maintenance.
Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www1.ietf.org/pipermail/asrg/attachments/20070917/82642508/attachment.html
More information about the Asrg
mailing list