ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Asrg] Several Observations and a solution that addresses them all

2003-03-10 12:39:59
from [Jason Hihn] [Permanent Link] 
Your filter tactics are insufficient. They bury your head in the sand. Spam
is increasing on the network. It carries a cost, and therefore it increases
costs. To filter it at an end-point does nothing to deliver us from the
costs of delivering it.

It must be a network-centric method and not an end point method that is used
to reduce spam.
By using filters, (lets say) 1/4 of all traffic being email and 80% of email
traffic ends up in the filter's trash can. That's convertible to a dollar
figure. And that is waste. Filters do nothing to reduce the costs and
wastes. You can try ignoring spam, but it keeps coming.

I'd support filters if they only did the tar-pit type of thing. Because
there no one loses a message, it just takes forever if the filter is wrong.
But I digress...

-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Monday, March 10, 2003 1:26 PM
To: Jason Hihn
Cc: moore(_at_)cs(_dot_)utk(_dot_)edu; asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Several Observations and a solution that addresses
them all



As I stated, you cannot rely on user filters.


filters are perfectly reliable for some things.  user filters
are not ideal because the infrastructure still has to carry the
messages, but it's misleading to say that they're not reliable.


There needs to be an infrastructure-level solution. Filters are fine
once the user gets the message, the infrastructure should strip out
illegitimate messages in the first place.


who decides what is illegitimate?


As your comments:
1) The definition may vary. But if you have friends that want to annoy
you, get new friends, and filter them out. That is, if you can
reliably filter them... (and I challenge you to do so if you can't
trust the 'from' address!)


filters don't have to be perfectly reliable to be useful.  (some people
have big enough egos that they won't change their from addresses, so
it's still useful to filter on their addresses.)

as for your challenge - just as an example, I'm willing to accept a
pgp-signed message from someone I trust as long as I can verify the
signature, and I don't care what the From address is.


You cannot assume that what works for you works for others.


I don't assume that.  I agree with you entirely that filters have to be
recipient-specific.  however that doesn't mean that they have to be
implemented at the recipient's end.


That said, I think there is only one filter that we could ever use,
and that is that the From: field must be legit. (minimally not blank)


there are probably a few others, but not many.


Keith

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Asrg] Several Observations and a solution that addresses them all, Jason Hihn
Next by Date:  RE: [Asrg] Taxonomy of anti-spam systems, Hallam-Baker, Phillip
Previous by Thread:  Re: [Asrg] Several Observations and a solution that addresses them all, Vernon Schryver
Next by Thread:  Re: [Asrg] Several Observations and a solution that addresses them all, Jon Kyme
Indexes:  [Date] [Thread] [Top] [All Lists]