As stated previously I'm willing to leave those aspects to market
forces. I'm also willing to sign on to a best-practices publication
which recommends that the end user be informed, in some detail of what
is being done in his name for upstream filtering, as well as
the option
to opt-out of such filtering. However, I suspect that such items are
uncontroversial.
I think the hard problem that has not been addressed is how to provide
a degree of hard evidence that shows that a party is either in compliance
with a policy or not.
The biggest complaints from the bulk mailers is that whatever they do
someone can effectively perform a DoS on them with hearsay accusations.
Of couse that is not to say that the accusations are true in all cases,
but in some cases they are simply untrue. There is a huge problem with
asymetric standards of proof.
Another problem is that a lot of folk have folk like Symantec blacklisted
for sending spam - when their 'associates' are actually selling ripped off
software.
If we can get accountability it is much easier to ger responsibility.
If someone sends an authenticated message that breaks corporate ethics
they can be fired. If the message is repudiable, or more likely the
opt-in element was repudiable then nothing happens, nor should it since
malicious accusations are not uncommon.
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg