Paul Judge wrote:
This is a draft of high-level requirements for anti-spam systems. This list
was started by Keith Moore. This draft incorporates feedback from
Balachander Krishnamurthy, Gary Feldman, Troy Rollo, Damon Sauer, Paul
Judge, and Hadmut Danisch.
1. must minimize unwanted messages to some acceptable level
2. must not affect delivery(latency, integrity, cost, reliability) of
wanted messages to a point that would effect the normal use of email
3. must be easy to use
4. must be easy to deploy, incrementally
a. must provide incentives to deploy for those doing the
deployment
5. must not depend on universal deployment to be effective
6. must not reduce privacy
7. must have minimal administration and implementation overhead
8. must have minimal computational and bandwidth overhead
9. must consider the threat and be robust in the face of such threats
-(potential new work item: a spam threat model)
some properties of the threat:
- adversary knows details of anti-spam systems
- adversary is intelligent and well-funded
10. should consider how legal issues affect, support, or constrain the
technical solution
(sent previously as reply to Hadmut's mail. most points in that reply
are mostly covered but...)
11. must not violate RFC2026 (no proprietary solutions, no IP
restrictions)
Partly covered by point 10, but important so...
Frank
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg