[Asrg] Email Postage (was Re: FeedBack loops)

Steve Atkins steve at blighty.com
Sat Nov 15 15:36:23 PST 2008 

On Nov 15, 2008, at 3:22 PM, Barry Shein wrote:

>
> On November 14, 2008 at 20:38 steve at blighty.com (Steve Atkins) wrote:
>>
>> Because email is, fundamentally, about people.
>>
>> People want to get email from their friends, their family, their
>> colleagues and their acquaintances. The vast majority also want to  
>> get
>> mail from companies they've bought from or expressed an interest in
>> (within reasonable constraints), organizations they're members of and
>> so on. And they also want to receive serendipitous mail from  
>> strangers.
>>
>> Naive blocking based on lack of SPF record, lack of DKIM signature or
>> lack of X-Herring: Red header breaks that. And breaking that, breaks
>> email.
>>
>> The vast majority (though not quite all) ISPs understand that their
>> role is to make their subscribers happy, and breaking email is not a
>> good way to do that.
>
> In some ways I ;ike your description a lot.
>
> But as an ISP let me also remind you that people being flooded with
> spam also "breaks email".
>
> We get heated complaints about both, false positives and too much  
> spam.

Absolutely. Delivering everything breaks email. Using broken, stupidly
aggressive spam filters breaks email. Using spam filters that reject  
some
unwanted email, but also reject a lot of wanted email... breaks email.

(It may not break email for one particular recipient, with a particular
email demographic, but it's going to make email unsatisfactory for
a significant fraction of users of pretty much any ISP.)

It's the operational problem to choose the right approach that doesn't
fall foul of any of those issues[2]. Naive blocking based on lack of SPF
record or lack of DKIM signature will block a lot of wanted email.

> As one example, we still have quite a few dial-up customers.
>
> At V.92 50kbps, a practical limit, that's about 5 kilobytes/second
> ideally, or about 17MB/hour.
>
> A call about a 50+MB mailbox which would take almost 3 hours to move,
> message by message or the whole thing, same problem, isn't unusual at
> all. And I mean with all the various spamassassin, procmail, etc.
> mechanics in place.
>
> Most people don't want to spend 3 hours making a single pass on their
> mailbox. Or, if they download the whole thing before reading locally,
> 3 hours before they see the first message. Particularly if there are
> only several messages they actually want to see in there.

All true[1].

> So, although the sentiment expressed above is appreciated and a
> reasonable ideal, in practice we don't live in such an ideal world.

No, the original sentiment was explicitly "Blocking email based solely
on lack of SPF record or DKIM signature will break email." You don't
need to live in an ideal word for that to be true, just this one where
they're both deployed at least as much by mainstream, non-botnet
spammers, as they are by sources of wanted email.

Cheers,
   Steve

[1] Though this is why many people on slow connections
tend to prefer interactive mail, where they can manually filter
based on sender and subject line, rather than downloading the
whole thing. Different thread.

[2] Not a hard operational problem. Freely available, off-the-shelf
conservative content-based filters, combined with free blacklists
of compromised machines and a modicum of virus detection does
pretty well, with minimal effort for the user and not too much
system overhead. That's yet another thread, though.

More information about the Asrg mailing list