At 01:32 PM 3/5/2003 +0000, Roland wrote:
>> Any consent has to be given from the receipient to the sender,
>> and should be non-transferable and revokable at any time.
The only one which can give consent for bulk-mail is the receipient,
Look through the header lines on this email, and tell me who is the sender
and who is the recipient? My system (my PC) very likely never spoke with
your PC. Rather, it traversed a number of SMTP sessions, going from relay
to relay, such as (copied out of an email I sent earlier in the week and
received back on this list):
My PC -> mira-sjc5-b.cisco.com
-> sj-core-2.cisco.com
-> ietf.org
-> www1.ietf.org
-> proxy1.cisco.com
-> sj-msg-av-3.cisco.com
-> sj-core-2.cisco.com
-> mira-sjc5-b.cisco.com
and finally a POP session to my PC.
So to whom do I assert that I am only willing to receive <something>, or
that I am not willing to receive <something>? And which system is "me"?
I think the relay servers at the IETF are the place where the spammer will
send; one would like them to reject traffic <somehow> based on the traffic
being inappropriate for the list. That is essentially what we do when we
moderate traffic. My company also has servers that inspect the language in
an email and classify some subset of it as commercial messages, presumably
unsolicited, with a fairly low false positive rate. The rate is low enough
that I have elected to tell my Mirapoint server to discard anything that
SpamAssassin or whatever said process uses has decided is probably spam;
I'd rather accept the false positives than deal with the trash. My PC, of
course, has a list of filters that won't quit, partly for spam and partly
for sorting messages into appropriate mail files.
Even spam that is directed to my personal email address goes through
several steps. I got an email earlier today (from an airline that
apparently has very compatible flight attendants) that was sent to
laptop -> proxy1.cisco.com
-> sj-msg-av-3.cisco.com
-> sj-core-2.cisco.com
-> mira-sjc5-b.cisco.com
and finally a POP session to my PC.
So I don't think either end user talks with the other, and their direct
agents (laptops) don't.
We need to sort out what kinds of policies might be applied in different
places, and how much user control there is. It would be very nice to
somehow automate the concept of a "moderator", and apply straightforward
filters - no matter how compatible the flight attendants, I actually might
have lived without that advertisement...
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg