Ie: from the charter:
The definition of spam messages is not clear and is not consistent
across different individuals or organizations. Therefore, we generalize
the problem into "consent-based communication". This means that an
individual or organization should be able to express consent or lack of
consent for certain communication and have the architecture support
those desires.
The charter for the RG is online :-)
On the other hand, as Paul's welcome to the list also
comments, we should consider whether that's too confining.
I agree, being able to express consent and have the architecture support
those desires is an interesting topic. But, unless you strain the
definition of consent implementation to the limit (and build automatic
classifiers, which we're a long way away from), you're faced with
"merely" a technical infrastructure that implements something that
spammers will ignore. It only works if the spammer "consent" to telling
the truth.
Rule #1: spammers lie.
Indubitably. Of course the content (while deceiving some automatic
classifiers) can't. Which is why so many people favour these approaches.
However, either "consenting-ness" is only considered proximal to the
receiver (in the receivers MUA?) or it's propogated back toward the sender
in the transport chain. In the latter case some means of representing and
publicising "consent" is *required*
and so considerations of what consent is, what entities give and and seek
it, are not just "interesting" but merely acedemic exercises, but (I guess)
key to the definition of a framework which can utilise whatever particular
technology we might individually espouse.
I think that one of the early, yet valuable, things that the ASRG can do
is level-set the "anti-spam" effort: identify which definition of "spam"
warrants the efforts (UBE, IMHO), classify existing solutions, make them
play nice with each other, establish best-current-practises for various
aspects of spam control - ie: BCPs on how anti-spam gateways should
behave, BCPs on how DNSBLs should operate (ie: truth in advertising),
BCPs on how false positives should be handled (ie: rejects, versus
bouncing, versus silent blackholing), BCPs on privacy concerns of
distributed bulk detection (hi Vernon! ;-), etc.
Yes, absolutely, for which a taxonomy / theory of "spam" and "spam
reduction" technologies is *required" or this push will become a morass of
narrowly empirical, anecdotal and disjoint initiatives.
--
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg