ietf-asrg
[Top] [All Lists]

RE: [Asrg] Opt-Out Notes: too complicated, ignoring history

2003-03-28 10:03:04


On Friday, March 28, 2003 2:06 AM, John R Levine 
[SMTP:johnl(_at_)iecc(_dot_)com] wrote:
...
Right.  How does giving server operators the option to publish a NO UBE
policy force a policy decision on them?  For the 99.99999999% of server
operators and their users who don't want spam they publish a standard NO
UBE banner.  For toad.com, they don't.  It's up to them.

This is where it gets messy.  As noted, this approach very stronly
encourages
only domain-wide policy.  Then it has to deal with the questions of what
policies can be expressed.  If you go to very simple policies like only a
tag that means "No UBE" with some definition agreed on to the parameters of
that, then people can have only a binary choice of policy.

Given that there must be hundreds of millions of domains and subdomains on
the net, a domain strikes me as a pretty fine level of granularity.  And
you can have any policy you want, with NO UBE as a baseline.  If you put
on a NO UBE banner and publish a policy somewhere saying "we welcome all
mail about kittens to meow(_at_)templetons(_dot_)com", kitten mail to that 
address,
even if bulk, is not U any more.  Laws and software are not the same and
it's a really bad idea to try to encode every legal statement you might
want to make into software, which is one of the reasons I think the
complicated opt-out list proposal is a non-starter.
...

This addresses a policy which must be interpreted by the sending end node of 
such a policy AND a content 'descriptor' that could be applied, difficult at 
best I think.  In addition if we follow the logic of this approach than we must 
concede that the spammer will send 'kittenized' U mail to the effect that it 
circumvents the policy boundary, that does not actually contain 'kitten' mail, 
do we not?  With respect to this witness the U mail at present, how many are 
really related to the topic in the subject v. how many have misleading 
subjects.  We all know content filtering as a proposal is not a good idea for a 
solution, this to me seems to be an extension of that concept.


The problem with a binary policy flag is that it effectively applies the
same policy decision to all,

Uh, no.  See note above.

With respect to this I think the following requirement should be considered:

Requirement 5) The proposal SHOULD/MAY [not sure how strong this would be as a 
requirement] include a mechanism for implementation in messaging relay systems 
(MX hosts), end use 'post offices' (MTAs), and end node mail recipient systems 
(MUAs).  Proposals that include only one of these messaging system components 
MUST include mechanisms for interaction with the other components.


Regards,

Eric

-----
Eric Williams
PGP Public Key
http://new.infobro.com/KeyServ/EricDWilliams.asc
Finger Print: 1055 8AED 9783 2378 73EF  7B19 0544 A590 FF65 B789


Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet 
for
Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer
Commissioner
"I dropped the toothpaste", said Tom, crestfallenly.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg