At 11:18 -0800 3/5/03, Michael Marking wrote:
> You are totally missing the point that there is nothing added by
embedding an open SMTP server in the middle of this process.
No, that is not what is going on. I gave some reasons to keep open
relays (and no doubt others could give more), and you simply valued your
approach more than the ones I suggested.
I don't see much use for a wide open mail relay, generally, considering
the magnitude of the problem that is caused.
With the existence of blacklists and so on, wide open relays are not
a workable solution anyway.
I would liken a wide open relay to an attractive nuisance, in legal
terms. It's there, people use it *very* badly (to such an extent that
it even draws toward itself others who use it badly).
It is certainly premature to assume that the net cost of one solution
(such as eliminating open relays) exceeds or trails the net cost of
another solution (such as content filtering). This is especially true in
that one user's individual situation may differ greatly from that of
others' situations. If there is not an extremely good and compelling
reason to impose the values of the majority on everyone, then it is both
unethical, and poor engineering, to do so.
A wealth of alternatives exist that do not bear the detrimental
effects of wide open mail relays.
You appear to assume that, since open relays are not "necessary", then
they have no value, however slight. There are two flaws in this
argument:
First, you arrogantly dismiss the cost to others of your
solution. Simply because I have access to resources does not
give me any moral right to require everyone else to acquire
those same capabilities. If you were willing to go out at your
own expense and personally reconfigure all of those open relays,
then perhaps I would be convinced there is no cost to anyone
(except you).
The number of open relays appears to have declined quite a lot from
the time I started working on the spam problem generally. It is
simply not and never has been in an arbitrary relay operator's
interest to allow the use of his resources by others... that's a
very, very simple economic argument.
If you are trying to advance a theory that the cost of one-time fixes
to unnecessarily open relays is anything significantly more than the
ordinary cost of mail server maintenance, I definitely won't buy into
it.
Second, there may be no benefit whatsoever to requiring closure
of all open relays. Even if all open relays were closed, then
the spam problem would not be solved. If (when) we determine
that some other solution would be effective and cost little,
then why close the relays?
Open relays are historically a tremendous source of spam, because
they hopelessly complicate the matter of assigning responsibility,
and because there is no administrative recourse for the actions of an
unaffiliated third party carried out through such an unsupervised
system. I don't think there's any model quite like the "open relay"
anywhere else on the net or in real life for that matter. If you are
running a "somewhat open" relay that knows its own users as they move
about, that is a very different matter.. there is administrative
oversight, recourse, responsibility...
Therfore, you cannot rightly say that "there is nothing added by
embedding an open SMTP server in the middle of this process". You may be
(and I believe probably are) wrong regarding both the cost and benefits.
You were alleging that open relays somehow promote privacy. An open
relay does nothing to improve a sender's "privacy". Services such as
hotmail or an AOL screen name do much more for privacy than a open
SMTP relay every could.
Until we can quantify, or at least describe, the benefits of all
reasonable solutions, it is inappropriate to rule one out merely because
an alternative does the same thing.
But when the argument on its face does not support the alleged
benefit, i feel obligated to point it out.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg