ietf-asrg
[Top] [All Lists]

RE: [Asrg] Spam Control Complexity -- scaling, adoption, diversit y and scenarios

2003-04-20 19:24:43
Vernon is completely right here.

The one modification I would make is to say that there are a few occasions
in which you can get the effect of having single-ended adoption even with a
double ended scheme.

One way this can be done is by piggybacking code for the double ended scheme
in the single ended scheme. For example using content filters that use
authentication as one input to the filtering decision process.

Another case where this can be done is if there are a few well travelled
sites such that if they adopt a double ended scheme unilateraly, even with
no immediate advantage it means that those connecting to them do see an
advantage from adoption at their end.

                Phill

-----Original Message-----
From: Vernon Schryver [mailto:vjs(_at_)calcite(_dot_)rhyolite(_dot_)com]
Sent: Sunday, April 20, 2003 9:49 PM
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Spam Control Complexity -- scaling, adoption,
diversit y and scenarios


From: Dave Crocker <dhc(_at_)dcrocker(_dot_)net>

...
HBP> Content filtering requires only single ended adoption.

And it is not subject to network standardization.  ...

I suspect that is more true than false, but more than half of the spam
control systems now in at least real trial use (stopping millions of
spam/day) involve aspects that could be subject to network 
standardization.
All of the following filter at only one end, but push lots of bits
through the Internet in support of that filtering:
  - Postini
  - Brightmail
  - MAPS's RBL using BGP feed
  - DNS blacklists including MAPS's RBL+, SBL, and SPEWS
  - Razor/Pyzor
  - DCC
(in no particular order.  no endorsements implied.  omissions 
unintentional)

SpamAssassin can also be viewed as moving data around the net 
in support
of its content filtering in the form of updates to the 
default scoring.

Of all of those, only SpamAssassin sounds like a good candidate for
network standardization, but I think it is a candidate.  The others
have protocols that would be hard to displace.

The only spam solutions that I can think of that might be called
"double ended" are
   - authentication
   - sender-pays (money, CPU cycles, or anything else)
   - challenge/response


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg