Then it is, unfortunately, only a limited solution.
I suppose, but I'd think that a 99% solution would be preferable to the 0%
alternatives that are on offer.
We would want to be careful about releasing a solution which solves some
people's problems and because it doesn't solve others, pidgeonholes them
into the site-wide approach, and thus does not meet the goal of providing
individual user choice.
Server banners in practice give users a whole lot more choice than they
have now. No ISP offers unfiltered mail, since their spool disks would
fill up in seconds.
[ higher priced service ]
Indeed they could but that would require all those users to change their
e-mail address, something I think we are loathe to accept as a solution,
unless there are not other alternatives I hope you would agree.
They don't have to change their address. The "send me spam" address could
easily be in addition to their original address, e.g., fred(_at_)isp(_dot_)com
would
add fred(_at_)sendmespam(_dot_)isp(_dot_)com(_dot_) Since the sendmespam
mailbox would always be
over quota, you'd want to keep it separate for practical reasons anyway.
But this makes the above forced-aggregation-of-decision problem even worse.
Not only must all users at a site have the same policy, but this must match
at all mail relayers.
Well, yeah. So what? If you want a backup MX, find one with a compatible
UBE policy. Maybe my experience is atypical, but don't know of very many
domains with multiple MXes not under the same management, and I don't know
of any at all where compatible UBE policies would be an issue.
I believe that many people do believe that it is ideal to leave the choice
of filtering in the hands of the end-user.
No argument there. Since end-users currently have in practice no
alternative but to use filters, frequently pretty incompetent ones, a
simple published policy would be a big improvement.
And since we know that the people who don't want spam vastly outnumber the
ones who do, it's reasonable to design a system that makes the common case
easy while making the uncommon case possible, just like it's possible to
get a mailbox that can receive gigabyte messages, even though it's not
common or cheap. If you want spam, get an extra mailbox for it. Or, of
course, sign up on a few FFA sites in which case it's not U so you can use
any mailbox you want.
But I don't believe the IETF would ever want to, in technical specifications,
push policy decisions on users or service providers. Rather we would wish
to provide tools and protocols to implement policy decisions.
Right. How does giving server operators the option to publish a NO UBE
policy force a policy decision on them? For the 99.99999999% of server
operators and their users who don't want spam they publish a standard NO
UBE banner. For toad.com, they don't. It's up to them.
That wouldn't be a good way to send mail that needs to obey a NO UCE or NO
UBE policy. So don't do that. Every ISP I know of doesn't let you send
spam through their MTAs anyway, so this would not be a change to current
practice.
Nonetheless it is the way mail works, ...
Could you list two or three ISPs that let users send spam through their
outgoing mail servers? Or for that matter, who let retail users send bulk
non-spam mail through them? That's the way that individual mail works,
which wouldn't be affected by a NO UBE policy, but it's not the way that
bulk mail, spam or otherwise, works. You know that.
Indeed, it's much more workable on the UBE side of things, but you have
made note of UCE as a possible policy a number of times, so naturally that
is a concern, since single mails will continue to be sent through normal
channels in which such a policy banner system would not be workable.
I would cheerfully strike non-bulk UCE from the proposal. Sen. Bowen's
bill in California which bans all UCE refers to it and I argued fairly
strenuously with the aide drafting the bill that any such law needs a
carve out for non-bulk mail. I think she got it, although I haven't
looked at the draft lately. The reason that UCE is still in the proposal
is pragmatic. Most of the interest is in banning UCE which I'm trying to
deflect into banning UBCE, without a UCE spec there's no basis to start
working with them.
Actually, there are several proposals that work at this level. About 6 years
ago, I even had an SMTP banner which made such a declaration, as did many
other people.
Same here. Mine's still there, since I don't change mail servers very
often.
Which comes to the other point. How effective would such a scheme be,
do you think?
In the absence of laws, as ineffective as any other opt-out proposal.
With a federal law, I'd expect it to be about as effective as the TCPA,
which hasn't eradicated junk faxes but has kept them down to a level that
keeps our fax machines usable.
but even then, but it's pretty clear now that laws resembling any of
the existing ones don't work,
If you compare the level of junk faxes now to the pre-TCPA level, it's
hard to argue that it doesn't work. I'm aware of the "spammers will move
offshore" argument, but of course a U.S. law applies to a U.S. advertiser
no matter how or where the ads are sent, and the majority of spam is still
for US stuff.
By the way, do you think the TCPA should be repealed? It means that even
if you're willing to change your phone number, you can't get one where
junk faxes are permitted.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg