Re: Comcast blocking mail to its customers

[David Farber <dave () farber net>]

Begin forwarded message:

From: Joshua Tinnin <krinklyfig () gmail com>
Date: October 16, 2008 5:15:47 PM EDT
To: David Farber <dave () farber net>
Cc: gep2 () terabites com
Subject: Re: [IP] Re:       Comcast blocking mail to its customers
Reply-To: krinklyfig () gmail com

On Thu, Oct 16, 2008 at 04:18:51AM -0400, David Farber wrote:
> Begin forwarded message:
> From: Gordon Peterson <gep2 () terabites com>
> Date: October 16, 2008 1:02:57 AM EDT
> To: dave () farber net
> Subject: Re: [IP] Re:       Comcast blocking mail to its customers
...
> One simple and remarkably effective first-stage rule is to allow the
> recipients to simply declare that BY DEFAULT they wish to block mail
> from recipient-untrusted (or unfamiliar) senders if the message:
>
>   1)  contains HTML (key to all manner of evasion of antispam
> filtering);
>
>   2)  contains any attachments (likewise, and key to most viruses and
> worms arriving by E-mail... just today alone I received two spam
> messages with apparently hostile attachments);
>
>   3)  is bigger than a specified size.
>
> I believe that recipients should be able to establish a fine-grained
> "permissions list" of people who they accept mail from, and what TYPES
> of mail they expect to see from that sender (for example, I'm not
> going to accept executable attachments from most folks, although if my
> dear old Aunt Gertie wants to send me a picture of her poodle Fifi,
> that's probably safe).
>
> Establishing such a default rule for previously unfamiliar/untrusted
> senders means that senders would need to negotiate in advance with
> recipients (and using small plain text messages) if they want to send
> HTML mail or attachments (or large messages, for that matter).  Of
> course, that's only just courteous behavior anyhow... although it
> would be nice to have that practically become A REQUIREMENT, by
> convention.
>
> This default rule by itself would virtually eliminate E-mail as a
> transmission vector for viruses and worms... so it helps with a lot
> more than only just the spam problem!

Well, that sounds great, but what if, for example, the recipient is a
real estate agent who gets HTML by 99% of senders, who gets attachments
on a regular basis from people sending photos for listings, and who
cannot whitelist based on these conditions or lose the vast majority of
potential clients? I work for an ISP in Taos, NM, a rural area resort
town, and there are a lot of architects, real estate agents and artists
here. For the vast majority of them, this type of filtering wouldn't
work.

As is the case with so many of thse sorts of suggestions, it seems
completely oblivious to how the "real world" actually uses their email.
Myself, I use mutt, fetchmail and procmail, and I use my ISP for
POP/SMTP. I do all my own filtering through procmail and SpamAssassin.
HTML is handled through w3m inline, and I can view attachments through
separate applications. Plus, I can access my email from anywhere through
ssh. But I'm working on FreeBSD, which is even less popular than Linux
as a workstation, and although I'm very happy with how it all works,
it's hardly practical for most people.

- jt




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com