On Mon, Mar 31, 2003 at 12:15:05PM -0800, Dave Crocker wrote:
Brad,
BT> Alas, now we see how hard it is to get consensus on this.
BT> Sent as part of a mass mailing, which is to say
some
BT> person commanded that mail be sent to more than
BT> a few hundred people
if 10,000 separate senders each mail to targeted lists of 50 people,
soliciting money, is that not spam?
BT> If the 10,000 people are, as you say, separate, and not caused to do so
by one
BT> entity, then no, it would not be under this definition.
I was trying to highlight a problem with the definition.
The person that receives each of those 10,000 messages is going to be
pretty clear that they have received spam.
I'm of asrg for a busy week, but I'm not clear on your question here. What
is the problem with the term? Is it that you think it does not cover large
volumes of mail which you think are spam? Or that you think it labels
legitimate mail as spam?
1. Spam is two different problems. One is traffic for ISPs and the
other is traffic for recipients. Neither really cares how many places
that traffic comes from. Hence, making the definition rely on single,
major offenders carries a serious risk, if there are many, small
offenders.
Does anybody have information that they get significant spams from mailings
that were limited to small numbers of people, like say 50? I mean even
if a million individuals sent out 50 mails, that's still fewer than one mail
per mailbox in the world. Are there a million people who want to do these
small mailings?
Remember, two people working for the same entity who each do a mailing of
50 is not 2 mailings of 50, it is a mailing of 100. What matters is who
gives the order, not how it is implemented, at least in terms of
legal definitions.
I do not know whether they are yet a major source of the problem. As
soon as we make mechanisms that successfully limit single-source
volumes, we will get this alternative traffic. Spammers have proved to
be very, very adaptable.
So you agree it is a hypothetical problem, then? I would prefer not to
solve the hypotheticals, but be adaptable to be able to deal with them if
they arise. If we can make a compelling case that it's "when" rather than "if"
then it's not a hypothetical any more.
I will admit I see one risk here, namely affiliate marketing and MLM. I
would want to tune the definition to say that if one major player
encourages 1,000 affiliates to each mail 100 people, then this is a mailing
of 100,000. I won't pretend this isn't thorny - it's thorny in most of
the definitional questions. Getting MLM sub-pyramiders to mail their friends
is not as much of a problem, it is how MLM works, and you run the risk of
pissing off your friends. It's only when you mail people who don't know you
that
you face no consequences for pissing them off.
BT> Sure. Again, how much of your "spam" is coming from parties who are not
BT> strangers to you?
I am not a good person to ask, since my tolerance level for unsolicited
solicitations is close to zero.
My impression is that it is a common problem on the net.
I get over 200 spam/day and I scan the headers of all of them and in general
it is very rare to get one form somebody I know, and extremely rare in those
cases that it isn't either a mistake and correctable with an opt-out. I only
know so many people, so the opt-out system is workable in that case as there
are only so many I need to do in my life.
BT> And in this case, how many problems have you had with
BT> getting removed from their lists?
Given that responding to a rogue spammer is a good way to validate that
your address is valid and that you are a responsive Internet email user,
the problem is knowing when it is "safe" to ask to be removed.
No, I meant not the spam from rogue spammers, the spam from people you know.
In those cases I have found I can always quickly get off the lists, and the
remove mechanism works and is generally risk-free. For unknown spammers, I
would not attempt to reply.
BT> Actually, under this definition, everybody _you_ talk to gets one "free
shot."
So, in Internet scale operation, that is up to 100 million extra pieces
of email. Or rather more, since "corporations" are independent of
individuals. And people form new corporations all the time.
Can you clarify? You are suggesting that because a corporation knows lots and
lots of people, this opens it up to spam from them?
To my mind most people only know perhaps a few thousand people and a few
thousand corporations. Of those, only a small number are likley spammers.
The number of opt-outs you would need to do in your life might be numbered
in the few score at most.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg