ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] A method to eliminate spam

2003-03-18 15:42:35
from [Frank de Lange] [Permanent Link] 
meor(_at_)mail(_dot_)SoftHome(_dot_)net wrote:
I don't see any incentives there for CNN to change its current practices. 

Were you planning to just send them money?  Or did you figure that
they would assign programmers to work on changing their current
mailing list practices and software to fit your scheme just because
it will seem like fun?
Jesus Christ this list is filled with stupid. Do you guys effectively argue anything or do you only skim over messages and point out your own ignorance? I've completely outlined the method I was proposing and only about half of the responses I received were intelligent. The other half of the responses were either completely ignorant or a thread fracture debating how public keys work.
Have you guys ever thought about what happens if you truly do find an original idea that would eliminate SPAM? What if it wasn't 100% backwards compatible with sendmail? Do you guys have any sort of plan on how to roll out such a solution across the Internet? My guess as to why this group is so ineffectual is because there are too many voices spouting opinions and not enough organization. You repeatedly get people talking about building a trust infrastructure, better ways to filter, a universal black list, a new law to govern SPAM, a rating systems, or re-implementing Finger? None of these ideas work. You will never build a trust infrastructure. You will never be able to filter 100% effectively. You will never be able to create a universal black list. You will never be able to get a effectual rating system working. Creating laws will never solve the problem because it is too easy to anonymously send E-Mail, or send it from a different country. Re-implementing finger? That's the stupidest thing I've ever heard.
The fact of the matter is: The current SMTP/POP/IMAP protocols were built on the idea of a trusting network. When you allow people who abuse these protocols to access them, you're lost. You will never get SMTP to work in a way that prevents it from being abused. You will never get filters to work 100% effectively because one man's SPAM is another man's free vacation. The only way to get E-Mail to work in an effective an un-abused manner is to implement a new protocol. The faster this is realized, the faster a solution will be found.
You need a *new* protocol that does not have a central location to provide proof of identity. 
You need a way to prove identity peer to peer in a sense.
You need a way to either identify SPAMmers 100% of the time and stop them, or identify them most of the time and slow them down. Identifying them 100% of the time is probably not feasible, so you can't try and stop them. Identifying them most of the time with occasional false-positives and slowing these down is probably a better way to do things. A good way to identify SPAMmers most of the time would be through the use of a white list of digital signatures. If someone is on your white list, they are not a spammer. If they are not on your list, they're probably a SPAMmer and need to be slowed down until they are placed on your white list. You need a good way to slow down spammers in a way that does not imply trust and does not bog down the network or server. You need a way to slow down the sending client in a way that's scaleable, voluntary, and uncircumventable. A good way to slow the client down is to make the client perform a task that uses CPU time. This task needs some way of proving that the CPU time was invested by the client before the mail is able to be sent. The only way to circumvent this task would be to apply more CPU power to solving this task which would imply more money invested. If the task is scaleable to easily consume more CPU power, investing more money in CPU power would become less economically feasible and SPAMming would no longer be a viable business practice. 



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
Lighten up dude, comments like 'this list is filled with stupid' don't help to bring your point across. The opposite is true...
What we - IMnsHO - are looking for is a way to reduce the impact of spam on email. Reduce, probably not totally eliminate, because that is not really the point. Any service can be abused as long as the barrier of entry to the service is low. Even your proposal will not completely eliminate spam, it would probably just change the way spam would be sent (by distributing the load of the verification process over a wide range of computers, employing either well-known vulnerabilities in Windows or parasitic ratware). And you mention something about patents and the need to license when making for-profit implementations, which is a no-no for something as essential and basic as the email standard.
Reduce spam while not throwing away the baby with the bathwater. Evolution works, revolution often leaves a bloody mess.
Are you in San Francisco for the IETF? If so, come forward and speak your mind. 

Frank

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Asrg] Thoughts so far, Damien Morton
Next by Date:  [Asrg] spam-shake: an anti-spam e-mail protocol, Lee Murach
Previous by Thread:  Re: [Asrg] A method to eliminate spam, meor
Next by Thread:  Re: [Asrg] A method to eliminate spam, Ronald F. Guilmette
Indexes:  [Date] [Thread] [Top] [All Lists]