| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by massaman_yams 1390 days ago
	As a practitioner, I can tell you that this proposal would be quite a bit behind state of the art for email spam filter accuracy. For example, there's a surprising amount of legitimate mail that gets sent without authentication, and which you don't want to block because your end users will get mad if it goes missing. I may also point out that "reputation scoring for netblocks" is the exact problem the original blog post was complaining about. He was trying to send from residential ISP and VPS netblocks that had poor reputation, and saw delivery problems as a result.

1 comments

pas 1390 days ago

if netblock reputation were known small non-spam senders would congregate, this would help weed out the spammers.

but google et al. don't provide any feedback. nor any way to build reputation for your IP. (where are all the staking blockfoo chainbar solutions? or at least let people pay a one time fee for some exception)

anyway, since we already have certificate transparency, we could have a similar one to look up MTA/domain repu provider, then sending DKIM signed HTTP calls to the reputation report address, and let people aggregate it.

link

massaman_yams 1390 days ago

> "... small non-spam senders would congregate" Congratulations, you've invented the email service provider. Most small non-spam senders don't want to spend the time figuring out IP reputation, DKIM, or SPF already, so they pay someone to do it for them. What makes netblock reputation different?

Reputation isn't public because then spammers game it and you get worse filtering outcomes. ISPs learned this the hard way.

link

pas 1389 days ago

sure, there is no problem with having 95+ % or more handled by professional industrial companies

the problem is that they literally don't even allow others at the table, only way is to force yourself a seat by having enough traffic

link

massaman_yams 1388 days ago

Is it getting harder to self-host? Yes. Impossible? No. Most senders just find it easier to pay for it.

link

pas 1386 days ago

Everything is getting harder as tech gets more and more complex. (As IT matures.) That's okay. The problem is that the incentives suck and there's too much business in email. The big ones have built their moats, and there's not much to do.

"SMTP" was simply never made to be resistant to this. (Nor the web in general.)

link