ietf-asrg
[Top] [All Lists]

Re: [Asrg] A New Plan for No Spam / DNSBLS

2003-04-27 13:34:46
In 
<CE541259607DE94CA2A23816FB49F4A301AE238D(_at_)vhqpostal6(_dot_)verisign(_dot_)com>
 "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> writes:

2) If no one had done anything to try and stop spammers, our inboxes
   would be totally swamped with spam by now and email would be
   useless instead of "merely" unreliable.

Absolutely, and without blacklists even more people woulod have left
the internet by now.

That does not mean that they are the long term answer. If blacklists
were not causing problems of their own and loosing effectiveness there
would not be a need for this group.

I disagree that DNSBLs are losing their effectiveness.  On the
contrary, I believe that the usage and effectiveness of DNSBLs is
growing.

I see the creation of ESPC and JamSpam as indicators that DNSBLs usage
is increasing and having the desired effect for the people and
organizations that are using the DNSBLs.  I see the recent banding
together of the Florida spammers to sue a couple of the major DNSBLs
as another indicator of their increased effectiveness.  You can get
usage info about SpamCop DNSBL from their website, and the numbers are
growing.  However, it is not clear if the SCBL numbers are grown
because the overall usage is grown or because SpamCop is counting a
greater percentage of the SCBL hits.  I suspect that it is the former.

Granted, DNSBLs have not stopped spam, but then, nothing has.  Still,
what indications do you have that DNSBL effectiveness is decreasing?



In the case you outlined with DNSBLs, I would suggest getting a backup
email address so that if your ISP is blocked by ISP you are trying to
send to, you can still get through. 

That is simply not an acceptable solution. If Alice wans to send a mail 
to Bob and Bob wants to receive it, something is seriously wrong if the
protocol fails to get the message across.

No, just because Alice and Bob can't communicate doesn't mean that the
protocol has failed.

I can't email my brother in Colorado, mostly because he has never
owned a computer.  This is not a failure of the protocol.  If I wanted
to spend the time and money, I could get him one, but there is still
the issue of whether my brother really wants to receive email from me
instead of using the phone like we normally do.

Likewise, if Alice and Bob are already on the Internet and they can't
communicate because of some anti-spam system that one or both of them
are using, that doesn't mean there is a failure in the protocol.  Most
likely, if they wanted to spend the time and the money, they could set
up their own SMTP servers on a non-standard port and email each other
just fine.  The "failure" is a result of a choice they have made.


The IETF can choose to define a second best Internet but that is not wnat 
the end users want. They want it all, Bob wants to get Alice's message
and no spam. If we can't solve that problem here then the market will
follow whoever can solve the real requirements.

People make cost/benefit trade-offs all the time.  For many people, a
certain number of false-positives is very acceptable for a much larger
percentage of reduced spam.  If the they really "want it all", they
can and will pay for it.


-wayne

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg