keith moore suggests the following criteria for potential solutions in
https://www1.ietf.org/mail-archive/working-groups/asrg/current/msg00726.html
- should minimize spam to some acceptable level (say, 0.1% of received messages)
- should not prevent delivery of legitimate mail
- should not adversely impact valuable functionality
- should be easy to use (even for grandma)
- should be easy to deploy, incrementally
- should not depend on universal deployment to be effective
- should provide incentives to deploy for those doing the deployment
all of the above are laudable goals. i would like to add a few more
- senders and receivers of wanted (i prefer the term wanted over "legitimate")
mail should not have to pay additional monetary costs
("sender pays" scheme causes additional pain for people who send/receive
wanted mail - it would penalize "good folks" because "bad folks" send spam)
- no new protocol should be required to implement such solutions (maybe this is
covered in 'easy to deploy')
- there should be no additional impact on privacy of participants as a result
of such solutions
also, the notion of consent in the original writeup seems to take for granted
that participants have to consent a priori. it would be interesting to consider
a scheme where the sender takes a very modest risk ('liability') which is lifted
when the receiver deems the mail as wanted. the consent is given by the receiver
after the mail is received. the receiver gets to decide if mail is "spam".
cheers,
bala
balachander krishnamurthy
http://www.research.att.com/~bala/papers
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg