ietf-asrg
[Top] [All Lists]

RE: [Asrg] Several Observations and a solution that addresses them all

2003-03-10 11:12:33
Bah, you're barking up the wrong trees.

As I stated, you cannot rely on user filters. There needs to be an
infrastructure-level solution. Filters are fine once the user gets the
message, the infrastructure should strip out illegitimate messages in the
first place.

As your comments:
1) The definition may vary. But if you have friends that want to annoy you,
get new friends, and filter them out. That is, if you can reliably filter
them... (and I challenge you to do so if you can't trust the 'from'
address!)

2) You're taking the word trust way too seriously. Think "be willing to
accept a message from"

3) Here, you are WAAAAAAAAAAY off, and wrong, wrong, wrong! You cannot
assume that what works for you works for others. I'd hate to lose legit mail
to me because it worked for some filter of yours. That said, I think there
is only one filter that we could ever use, and that is that the From: field
must be legit. (minimally not blank)

4) Mute point

5) Whatever.

-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Monday, March 10, 2003 12:53 PM
To: Jason Hihn
Cc: moore(_at_)cs(_dot_)utk(_dot_)edu; asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Several Observations and a solution that addresses
them all


1) Spam only comes from those we don't know.

false.  sometimes spam comes from people who do know me, but
want to annoy me.

2) We trust those that we know. The opposite is also true.

False.  knowing someone does not imply trusting him.  knowledge can
often justify distrust.  neither does not knowing someone indicate that
they're not trustworthy.

3) Content filters are unacceptable;

false.  content filters are ideal for getting rid of certain
kinds of content.  I can write a filter that reliably recognizes
languages that I cannot read, or attachments that I have zero use for
(like windows executables) and it's perfectly reasonable for me to
discard such things.

what's less reasonable is having someone else discard those things
for me.

4) Spam pays because it's cheap

not all spam is connercial.  and spam would exist even if it were
more expensive - it would just be more narrowly targeted.

5) Spammers don't care who they are, or who you are - BUT the
receivers do.

false.  some spam is targeted.

6) Spammers don't play fair, and bend the rules. Social engineering,
filter evasion, etc.

spammers don't think there are rules.

Keith

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg