ietf-asrg
[Top] [All Lists]

[Asrg] Banners, logic gates, system control.

2003-03-18 11:13:16
If some of you are considering solutions to this problem already, consider
this theoretical situation:

Take a single message, it's content would be classified as spam by a
majority opinion. Send this message through your proposed system and see if
it would be flagged, diverted or otherwise stopped completely. If your
system manages to correctly handle this message, have the person that
received it forward the message back through the system to another
recipient. Now ask yourself, would it be stopped again?

This problem brings into question not only the content of a message but also
the will of the user who sent it. A person might have a very good reason for
sending content marked as bad through the system, such as this discussion
list. What if this list has a spam filter on it, and I forward a spam to
this list as part of the discussion? Best case scenario this list is
moderated and a human has to look at it, in which case why do we need
filters at all? Worst case a filter consigns it to the bit bucket and it's
back to square one.

This defines an inherent weakness in all content filtering systems; they
simply cannot make the judgements that we require because they aren't us.
Sure you can keep tinkering with them until the end of time until they are
99.9% effective, but after 100 million are sent you're still letting 900,000
seep through.

On SMTP Banners:
I like these, but ultimately they're a tool of the willing only. The only
person who is going to respect an "at your discretion" rule will be people
who aren't causing problems in the first place. As far as SMTP goes, it's
probably good for SMTP. I personally don't believe duct-taping SMTP will
ever solve this problem.

Ultimately the only way to control an open system (SMTP) is to close it. To
stop a message from going someplace that you don't want it to go, you need a
gatekeeper. Machines are great logic devices, however determining whether
the content is spam is not a logical function, it's entirely opinionated, at
which machines are not so good. If you want an automated system to decide
what goes in and what goes out, you need to have a logic gate.

The gate is a condition (which is up in the air). It can be simple or
complex.

Based on identity:
Does address SNDR have permission to contact address RECIP?
Does address SNDR have permission to contact * on network RECIP_NET?

Based on content:
Does address RECIP allow message type COMMERICIAL?
Does network RECIP_NET allow message type COMMERCIAL?

Pick one, pick them all, it really depends on the system itself which will
watch the gate (and also where the "Gate" is located on the network). The
system best suited for this model is a Central Authority which keeps
information about what kind of content you want to receive, and optionally
who is allowed to send it to you (if that's a positive logic). It also could
optionally be a transit for the message itself, or you could employ a public
network of transits.

The above system would not have the same problem as the banners because the
SNDR does not have the option to listen to the rules. The login gate
literally makes the decision and either lets the message continue, or stops
it. It's not practical to propagate your preferences to every mail server on
the Internet; this would be best served either by placing the gatekeeper at
the ISP, or run by a central authority that is tasked with operating a very
crucial piece of the Internets infrastructure (e.g. the ROOT Name Servers).

This would probably require an authentication system (e.g. Domain Registrars
require knowing who you are before you can get a domain). It's not
impossible, it's simply saying that the mail system as it stands now cannot
be controlled by the commons *alone*, much as the snail-mail system probably
would collapse without a central governing authority.

The upswing would be you'd have a single point of contact no matter what ISP
you use or where you are, and anyone using the system would be identifiable
if they abuse it because the Central Authority would require you to be
identifiable in order to use it. Anyone who wants to be anonymous could
always fallback to standard SMTP, assuming a person on the receiving end
chooses to still receive via SMTP.

The latter part of this message is purely speculation and personal opinion,
but I truly believe you can't place a couple million road bumps on the
Internet and hope you can slow down most of the speeders.

Paul Tenny - pwtenny(_at_)earthlink(_dot_)net
HTTP/1.0 404 Objekt nicht gefunden

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] Banners, logic gates, system control., Paul Tenny <=