On Fri, 25 Aug 2023, Keith Moore wrote:
whatever clever anti-spam scheme someone might suggest, I'm confident I can
tell you whre it's failed before.)
It's simple to take a stab at describing the problem, much more difficult to
identify a specific set of mechanisms that are usable by ordinary people to
let them control what kind of spam filters make sense for them.
"Let people set their own filters" is indeed one of the approaches that
has failed many, many times before. When people ask for it, what that
really means is that the filters on the system they use aren't very good.
Improve the filtering and the demands for knobs and dials go away.
The closest you get these days is adjusting filter weignts when people
move stuff between the inbox and spam folder but even that doesn't really
work. I get tons of spam reports from users of large mail systems about
stuff that is clearly not spam, and when I ask they usually deny having
complained about it.
I absolutely agree that there's no purely technical way to distinguish spam
from ham, but it is possible to fairly reliably place messages into specific
categories that are useful for some particular user. e.g. based on message
content (what language?), length, types of attachments, whether signed by a
party known to the recipient, whether the sender is known to the recipient,
etc.
Sorry, but no. Spammers are not dumb, if you say these are the rules to
get your mail delivered, they will make their mail look like that. I
realize this sounds nihilistic but I spend a lot of time with people who
do this for a living.
Also a set of recommendations for how to make email easily classified on the
recipient's end. e.g. which magic DNS records should be set up, what kind
of signatures should be used, how should those signers' public keys be
verified?
There are plenty of those. M3AAWG publishes some of them, no need for the
IETF to try and duplicate it.
Once I lost a contract worth hundreds of thousands of dollars because the
would-be client's mail got caught by a spam filter, I realized that spam
filtering really needed to be something that could be specified on a
per-recipient basis.
I've lost stuff too, but I can assure you that hand tweaking the filters
would not guarantee getting the mail you want. In the extreme case one
might say deliver everything, in which case you won't even be able to see
the mail you want among all the crud.
R's,
John
