1. Spam Prevention Approaches - These systems aim to prevent the
spread of spam messages. There are fail-open and fail-closed systems.
With my spokesperson hat on I prefer the terms 'Detect Wanted' and
'Detect Junk'. I am not going to use any term that involves the
word 'fail' with a journalist when talking about my work or
company products.
I think the terms I propose are also easier to communicate.
2) Spam Deterrence Approaches - These systems aim to deter spamming
a) Authentication
b) Tracking
c) Non-repudiation
I place Authentication based approaches with other 'Detect Wanted' schemes.
Authentication plus some form of authorization gives access control.
I think that legal/legislative approaches should rank a bullet here. We
should also mention vigilante actions such as teergrubing and hackback. I
don't approve of these; they create far more problems than people claim.
3) Spam Reduction - These systems aim to reduce the level of spam by
making it more costly or timely to have the messages delivered.
Actually this is the objective of all security based approaches. The point
of security is risk reduction, not risk elimination. Unusually for an
Internet application we have an actual economic model here where the
attacker is actually a somewhat rational actor so cost approaches can bite.
a) Cost-based Systems (increase cost of spamming)
I think the term CHARGE-BASED is better than cost based.
b) Proof-of-work (i.e. hashcash)
c) Rate limiting
i) Ingress
ii) egress
I'm not fully comfortable with the spam reduction being a third category;
I think that it is actually a branch of the Detect Wanted chain, the proof of
work or charge is simply a form of authorization.
The detect wanted should thus split into two branches with an authorization
and authentication component, you need to use one mechanism from both to
address the whole.
Another issue to address is spam sender countermeasures and the
counter-counter-measures to defeat those. In particular I am interested in
schemes where there is an asymmetric work factor, preferably one that means
that it is more difficult for the spam sender to catch up than for the good
guys to counter.
I would also like to suggest that we consider deployment strategy
explicitly. I believe that the standard MUA setup will look something like
(ignoring subject folders for a moment):
Inbox
Known Good
Not Sure
Known Junk
I do not see the Detect Wanted and Detect Junk strategies being in
opposition. Until people use authentication mechanisms that allow a large
fraction of mail to be Known Good most mail is going to be in Not Sure or
Known Junk.
However it is quite an easy matter to at least achieve 'known good' status
for internal mail which in any large or medium sized enterprise is the vast
bulk for most people. If we design the strategy carefully we can achieve
some viral uptake.
Another area where it is comparatively easy to achieve a rough and ready
known good status is on mailing lists. Although spam senders do sometimes
subscribe to send junk this is relatively rare. Most mailing lists are
already applying a lightweight authentication mechanism of their own -
restricting posting to list members.
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg