At 5:58 PM -0400 4/26/03, Olson, Margaret wrote:
>From: Kee Hinckley
[<mailto:nazgul(_at_)somewhere(_dot_)com>mailto:nazgul(_at_)somewhere(_dot_)com]
There is one other reason that I think this is a good idea. It will
let *us* (as in, the end-user population) hold them accountable for
their email. I don't think they have any real idea just how much of
their email is unwanted.
Being held accountable absolutely one of the goals of the ESPC
proposal. We want to be held accountable - holding senders
accountable is necessary to solving the spam problem.
One of the things that I did *not* see in the ESPC proposal was how
exactly you would be held accountable. It described (in very broad
terms) a way by which we could identify the sender. But what
precisely is the mechanism by which the sender is disbarred due to
abuse?
In the past year roving.com has sent 224 messages to 172 addresses at
somewhere.com that do not, and have never, existed. What should I be
doing to keep that from happening? And how is the ESPC proposal
going to change that?
I don't consider myself an extremist about spam. I've had my share
of battles with so-called spam fighters as well. But the reactions
I've gotten from bulkmailers have not exactly given me hope. Take
Topica. We had a problem where viruses were regularly subscribing
wormalert(_at_)somewhere(_dot_)com to their lists. They "fixed it". They now
blackhole all email from somewhere.com and ignore my complaints when
I send mail from other domains. They didn't bother to tell me--I
found out when I tried to sign up for the JamSpam mailing lists
(Topica hosted) and got no response. That is not what I would call
responsible behavior.
Roving presents a typical problem, similar to Topica. We have
customers who have most definitely been spammed by Roving. We also
have customers who get legitimate mail from Roving. The fact that
you are going to make it easier for us to identify that it's from
Roving really doesn't help. If you think the folks in ESPC are
*accidentally* getting blocked, I'm afraid you're very mistaken.
What it comes down to is how you are going to be held accountable for
the spam. And by that I do *not* mean that you'll have some standard
unsubscribe mechanism. I mean that if you get too many
complaints--you'll lose your license to use that stamp of approval.
I know what happens to a Habeas licensee when they screw up--they get
sued. What happens to you?
You've got a fundamental problem. You are trusting your users when
they create lists. You're at the mercy of their honesty and their
cluefullness. Until you realize that you can't trust them--that
*you* need to verify those subscriptions, you are going to continue
to get blacklisted. Do you really think otherwise?
A whitepaper is in the works.
A whitepaper would be nice. A technical specification would be even
better. Especially if you are expecting spam filtering companies
such as ours to recognize and whitelist your mailings.
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg