[Mailman-Users] ARC, was non-subscribers getting through--email address in "Real Name"

John Levine johnl at taugh.com
Mon Jul 23 12:46:38 EDT 2018


In article <CAMSGcLBBUS2P6ZR5BmscXeFgPpcvO-rEVMasWvKznXz4oo65og at mail.gmail.com> you write:
>On Sun, Jul 22, 2018 at 3:18 PM Grant Taylor via Mailman-Users <
>mailman-users at python.org> wrote:
>
>> On 07/21/2018 02:24 PM, John Levine wrote:
>> > I know people working on whiteish lists to use with ARC, to say that
>> > these domain are known to host real mailing lists so you should believe
>> > their ARC assertions.
>
>Why not just have that list, and a X-Trust-Me: YES header? It would be much
>simpler to implement than ARC.

There turns out to be an actual answer to this question, which I have
asked people from Google.

When someone gets his address book stolen from his botted PC, spamware
will send spam to everyone in his address book using his address on
the From: line.  If some of those addresses are lists, those lists
will generally forward the spam even though they are otherwise legit.

Google tells me this happens often enough that they can't just
whitelist mailing lists, and ARC gives them the clues to tell
forwarded bot spam from forwarded real mail.  I've certainly seen
it both on lists I run and lists I subscribe to.

As I said a few messages ago, if lists did more stringent tests on
incoming mail, a lot of this complexity could be avoided, but they
don't so it can't.

R's,
John


More information about the Mailman-Users mailing list