ietf-asrg

Re: [Asrg] RE:ASGR 8a Use of certificates

2003-04-03 13:01:32
From: matthew richards <matt(_at_)larkinam(_dot_)com>


no idea what AID information is, 

I don't recall that one, and Google doesn't help.  I wonder if it was
a typo for AIN.

Assuming it means "magic and comprehensive information easily available
to anyone with a clue about SS7 and access to a CO," it does not affect
my point that it's all irrelevant to the useful and practical traceability
of junk faxes.

because i've never heard of a 
Strowger exchange? 

Older than ancient mechanical telephone switching equipment that
required people to physically look at things to trace a call.  This
required keeping the caller talking for a long time while people
scurried around central offices (COs).
Today, if someone is prepared to trace incoming calls, they've got you
before the instrument rings.

But this is also irrelevant to tracing junk faxes, because (almost)
no one has the FBI or even just a pen-trace sitting on a fax line
merely to trace the source of junk faxes so that they can file a TCPA
action at $500 or $1500 per fax.


...
ps. and what in gods name is a pbx? ;)

Private branch exchange or a chunk of a telephone switch commonly used
in businesses with more than a small handful of phone lines.
It turns out that caller ID information for a call can be the
responsibility of the originating PBX.  For some strange reason, the PBXs
used by telemarketers sometimes don't offer good caller-ID information.

This is relevant to the claims that authentication has anything to do
with stopping spam.  (Some) theory says that the centrally administrated,
heavily controlled (compared to the Internet) telephone system ought
to be able to label every call with its origin and reliably deliver
that label to the recipient of the call.  "In theory there is no
difference between theory and practice, but in practice there is."

Wouldn't it be swell if we could limit consideration of spam solutions
based on bunches of assumptions that are dubious or false?

Does someone have a box score of spam "solutions"?  I've been lazy with
my scorecard and have only these contenders

  - Verisign certs
  - DNS records
     -- saying the SMTP client is virtuous.
     -- saying the SMTP client is a properly configured MTA.
     -- containing some sort of cert or key proving virtue.
  - word filters/scorers (e.g. "Bayesian")
  - aggregate characteristic scorers (e.g. SpamAssassin)
  - body filters (e.g. Postini, Brightmail, DCC, Razor/Pyzor/Cloudmark)
  - headers asserting virtue (e.g. Habeas)
  - challenge/response systems
  - IP address, domain name, cert or other whitelists
  - IP address or domain name blacklists
  - opt-out lists

My scoring says that some representatives of six of those classes
might do some good, but other representatives of those six and all of
the other classes are variously useful only when double digit false
positives are ok, hopeless, or snakeoil.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com