ietf-822
[Top] [All Lists]

Stopping spam - is it possible?

2001-01-20 13:21:51
At 10.42 -0700 01-01-19, ned(_dot_)freed(_at_)innosoft(_dot_)com wrote:
But this is beside the point. You claimed to have a better alternative and
I asked what it was. You haven't answered my question.

If the goal is limited to stop spammers from using other MTAs
to multiply their messages, it would be enough to stop multiplication
of external mail with more than, say 20 RCTP TO:s, possibly also
noting if the same message is sent several times in 20-at-a-time
chunks.

If the goal is to really effectively stop spamming in e-mail,
this problem is very difficult. The cause of the difficulty
is that whatever action taken to stop spammers, the spammers
will find ways to circumwent it.

IETF had a BOF discussing spam some years ago, but as I
remember all or most of what was said would not work simply
because spammers can find other ways around them.

For example, relaying of foreign mail was not effective
in stopping spam (even if it was effective in stopping certain
kids of overloads of MTAs caused by spammers), because spammers
found other ways.

Similarly, identification of many identical messages will
probably not work, because spammers have started to personify
their spams, including "Hello Jacob" in the text of spams
sent to me. This will make it difficult to identify duplicate
copies of spams.

Threatening ISPs which allow spammers with expulsion from
the Internet might work, but is somewhat questionable
from a democratic viewpoint.

Also, the opinion on what is a spam can vary, there are some
messages which are in-between. For example, I receive lots
of mail with invitations to various conferences. I do not
regard them as spam, simply because I am interested in their
content, even though from an objective viewpoint they are
certain unsolicited marketing mail.

What might possibly work would be something similar to
PICS servers - a database identifying spams. Like with PICS,
there could be different scales, so that different people
could have different opinions on what they want and do not
want. However, because mail is so rapid, such a data base
must be very rapidly updated, by many people (i.e. all
ISOC members except those who misuse the data base) allowed
to update the data base. And it must be able to stop messages,
which have already arrived at your mailbox, maybe even have
already been downloaded to your personal computer.

It also requires a way of identifying variants of the
same message, which spammers create to circumwent this
kind of data base.

---

What I personally find most disgusting is actually not
spams sent to me, but spams sent to mailing lists which
I manage. My mailing-lists are moderated for messages
from non-members, so none of these spams will ever
reach the members of the list. But since there is
a small chance that non-members will write something
which should be accepted, I have to monitor all
those spams. The spammers gain nothing, since no one
except me sess the messages.
--
Jacob Palme <jpalme(_at_)dsv(_dot_)su(_dot_)se> (Stockholm University and KTH)
for more info see URL: http://www.dsv.su.se/jpalme/