on Tue, Nov 23, 2004 at 03:14:59PM -0500, Rob McEwen wrote:
Differences being tastes in the definition of the classification
...which reminds me... I keep meaning to ask about what constitutes a FP when discussed on this list. Basically, this isn't always so black & white:
Consider the following classifications:
<snip categories>
(I'm sure someone else could have done a better job of listed hard-to-differentiate categories)
For me, I'm coming to the point of simply distinguishing between mail delivery attempts that occur in the context of abusive behavior (e.g., as part of the same session that tries to deliver to a spamtrap) or has so many things wrong with either the remote host (no rDNS, mismatch rDNS and HELO, known forged HELO, HELO as blacklisted domain, etc.) or with the message itself (missing Message-ID, tracking device header, misleading MIME content-type - ie, multipart/mixed with only one part, which though legal (!) is a very strong indicator of spam, etc.)
I see a future in which legit mail servers are simply expected to be configured within a reasonable bound, and act in reasonably nonabusive ways, or else their mail will be rejected. Here, anyway. Unfortunately, the spammers will likely simply beat us to it, so even these checks become less useful.