Spammers have proved to be astonishingly and quickly adaptable
AD> In some situations. In others, they are astonishingly idiotic.
AD> Once again, the behavior is situational.
the folks who command estimated millions of compromised machines, with
a 3- or 4-tier control hierarchy, do not count as idiotic.
let's design mechanisms that deal with those guys. the rest are
irritating but they are mere noise.
This means we will always be chasing the latest symptom, rather than
going to any core characteristics of the "disease".
AD> Do you have a solution which addresses the cause?
i've been asked to refrain from pursuing that topic for a few weeks...
AD> If not, why do you keep repeating this, as though it's relevant?
i've explained the reason quite a few times. just so it is not missed
Effort on a global standard that deals with a transient symptom is
certain to have minimal, transient benefit, if any, but with very
large opportunity and on-going costs.
AD> To address your analogy,
If you mean bandages, it's not mine. you introduced it, as i recall.
I was simply trying to pursue it.
AD> please read a medical compendium containing
AD> descriptions of diseases and their treatments. In many cases, the
AD> phrase to note is "treatment is symptomatic".
Please show me a successful, global standard that has been designed to respond
one set of symptoms, when the source of those symptoms is constantly
adapting, guaranteeing that the symptoms will become irrelevant as
soon as the response begins to take effect.
You characterize my query as using a straw man. However it is the
conceptual summary of the current effort, from the standpoint of
standard-based intervention to fix a problem.
so it is not a 'straw man' because it is not creating a convenient
hypothetical. it is a description of the current effort. feel free to
find fault with it, preferably by citing which parts of the summary
are wrong, and how.
Global standards are not used individually and they are not used
selectively. They are for interoperable situations. The result
means that applying a bandage becomes a required part of everyone's
contact with anyone else, everytime.
AD> Why? You've made a leap from MARID being used by cooperating peers,
AD> to it being:
AD> a) "required" somehow, by some fiat
to be at all effective, the mechanism must be used all the time and we
will never know when or if we can stop using it. (it's in the nature
of aversion reinforcement training.) that is tantamount to requiring
its use forever.
AD> b) used by everyone (even people who don't want to use it?)
if they want their mail to get through, yes.
AD> c) used always (even when whitelists make it unnecessary?)
whitelists are accreditation.
the marid-core is about authentication and authorization.
they are independent.
AD> To put it yet another way, MARID can be thought of as a set of
AD> distributed DNSBL's.
Sorry, but CSV follows the BL construct, marid-core does not.
no, computer science.
the difference between accreditation, versus authentication and
authorization, is basic.
AD> I was referring to the work in the MARID group, not to
AD> a proposal. (Which is called what, Sender-ID? Or did the WG decide
AD> that marid-core was the protocol we will standardize, and that we
AD> would call it MARID? I must have missed that...)
marid-core is the only working group document with a specification
currently under discussion. whatever else folks might be mentioning,
there is no working group document for it.
AD> Each domain operates its own DNSBL (or
AD> whitelist), which use a well-known format.
And each domain is supposed to maintain this list how, exactly? Note
that the question is particularly relevant when spammers are quickly
obtaining and using new domains with clean records.
AD> I think you're missing my point. My intent was to say that each
AD> domain maintains a DNSBL (or whitelist) of IP's which it permits to
AD> use it's name.
the term whitelist usually refers to hosts or networks with behavior
that is deemed likely to be acceptable to the receiver, not the
no, that's not quibbling. it goes to the difference between
authorization and accreditation.
AD> That's the basic concept behind MARID. Having domains
AD> maintain BL's about others is expensive and pointless.
pointless? so spamhaus and all those other lists are pointless?
THat's not what MX does. MX is a routing record, not a query record.
AD> The intent of MX is that it is *interpreted* as a routing record.
it's the semantics of the record, not the "intent".
Dave Crocker <mailto:dcrocker(_at_)brandenburg(_dot_)com>
Brandenburg InternetWorking <http://www.brandenburg.com>
Sunnyvale, CA USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>