One paragraph gives a hint of the answer: "The interesting thing is that
this list seems to contain neither spammers nor people who make a living
selling anti-spam solutions. It is however full of people who have an
interest in protecting their systems from spam.
We are those 400M and are the real target because we care. Solutions
that work at the edges get embraced. It's called the marketplace. MIME
is a great example -- some people at the edges built tools and then some
vendors adopted it so it made it easier for the rest of us (not them,
us) to take advantage of it.
OK, not all of you on the list but some of us like typography and can
avail ourselves of it. An ISP wouldn't give us that kind of choice and I
can decide if I want to bother writing messages in a down-level format
(though MIME tries to make dual messaging the default). Of course a
Unicode Mime message with binhex/uuencode (or whatever) gets huge. Why,
I remember when a message of a 100 lines got a flag "LARGE MESSAGE", now
a few megabytes flits by unnoticed.
I do vary my email address and do quench messages reaped send to that
address and my web site generates unique addresses for each visit. It's
a weak version of what I want but it has helped me prescreen a lot of
messages on my site. I still get a 100:1 ratio of spam to real messages
and hope that going further to using crypto-capabilities will give me
much more control.
The key is that focus on people who care and those are the people at the
end points.
Oh, there are others who care a lot -- those are the IT gatekeepers and
they tend to care about their gateways and often frustrate those of us
being protected. I remember trying to argue for mere than 5MB of email
storage space in the mid 90's and was turned down. Even as my PC's were
getting gigabytes of storage.
There are also the ISPs who want to pander to the user's misperceptions
and sell them protection -- such as MSN's promise that your child will
never learn that there is no Santa Claus. They should have the
opportunity to sell what the users are asking for but that's a product
and not fundamental and not a solution. It's like the post office doing
you a favor and protecting you from junk mail such as that silly geek
magazine that is too heavy.
-----Original Message-----
From: asrg-admin(_at_)ietf(_dot_)org [mailto:asrg-admin(_at_)ietf(_dot_)org] On
Behalf Of
Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu
Sent: Wednesday, March 19, 2003 13:13
To: Hadmut Danisch
Cc: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] This research group will fail
On Wed, 19 Mar 2003 09:33:29 PST, Hadmut Danisch <hadmut(_at_)danisch(_dot_)de>
said:
I see strong interests to spoil any success of this group
to find a technical solution. This group is under a
certain kind of attack: The commercial attack.
Hmm.. I can't speak for the commercial people, I'm about as
non-commercial
as it gets, being both civil service *AND* academia. A big chunk of
the "spoil the success" is really just those of us who have tried the
same
things before pointing out the problems that were encountered the last
time.
(For instance, I don't think I've come out and said "this can't possibly
work"
too often - though I'll admit I've tossed my share of "but first you
have to
fix this...")
Why are so many people strictly against anything what could prevent
spam at the sender side? Because the sender wouldn't pay for a
solution. Why do so many people insist on the freedom of the sender
to send whatever the sender wishes to send with a sender address the
sender can randomly choose? Simple answer: That's the only way to make
the recipient buy anti-spam-software or anti-spam-services.
Actually, the problem is that there are *3* places we can stop the
problem: the several hundred spammers, 100K ISPs, or 400M end users.
Anybody who's tried to deploy software to end users (especially software
that involves retraining) knows 400M is the wrong place to attack. And
even a well-hidden Proof-Of-Work doesn't help here - your phone WILL
ring
when people ask why it's taking 3 minutes to send mail.
I've never said I'm *STRICTLY* against a sender-side solution. My
generic
criteria for a sender-side solution is: It has to be something that my
mother the Hotmail user can deploy without me or my brother having to
make a trip home to install for her. Windows 98 on a several-year-old
PC.
And this is a very real constraint, and imposes significant barriers to
entire classes of solutions.
I wouldn't be surprised at all if most of the spammers turned out
to be the same people selling anti-spam-software and services, and
trying to put through recipient-only solutions.
The interesting thing is that this list seems to contain neither
spammers
nor people who make a living selling anti-spam solutions. It is however
full of people who have an interest in protecting their systems from
spam.
And maybe that's why the mailing list is flooded with so much
rubbish and babble. That's some kind of denial of service attack.
Actually, I was attributing that to the well-known fact that the
effective
IQ of a committee is given by "minimum IQ on the committee, divided by
the
number of heads". ;)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg