ietf-asrg
[Top] [All Lists]

Re: [Asrg] A New Plan for No Spam / DNSBLS

2003-04-28 10:39:58
On Mon, 28 Apr 2003 05:12:19 -0700 
Larry Marks <larry(_dot_)marks(_at_)barberry(_dot_)com> wrote:
J C Lawrence wrote:

I believe that it is and has been within the power of ISPs to provide
a safe haven from spam without introducing instability into the
system. They would need to form or affiliate with an NCRPA-compliant
body and agree on some consistent and enforceable ways of applying
DNSbls and other anti-spam mechanisms. This could start now with
existing mechanisms and later add new mechanisms as appropriate.

The more ISPs do such a thing, the less value and interest for the
remaining ISPs to do so.  As soon as it becomes legally required its not
a code of conduct, its a state tax and mandate which is to be fought and
lowest-bidder only-the-letter-of-the-law penny-saved wherever possible.
Incredibly shrinking margins and mass market economic forces dictate
that clearly. Across the international scene, naive national
self-interest would encourage foreign systems to Do Their Own Different
Thing.

Hardly.  Its the old deal: You get what you pay for.  If you want
end-to-end guarantees you have to do and contract it yourself.  If
you want some variety of largely undefined best-effort you'll trust
to the cooperation of other uninvolved parties.  You get to pick.

Your comment is preposterous. 

Sorry.  Reality is often preposterous.  It also happens to be true.
You, and even I may prefer it otherwise, but at the end of the day that
is the way current networks operator and what happens.

A network already exists. I don't need to go build another one. And
mail is an end-to-end service and always has been. In fact, it's a
commercial service offered to the public.

Absolutely.  Its a commercial service stated as:

  We guarantee to use industry best practices to deliver your email to
  its destination.  We make no guarantees as to whether the recipient or
  their proxy (in the form of the remove ISP) will accept or handle your
  email.

When I send a message via my ISP to someone on another ISP, it is
highly unlikely that it will traverse any systems that are not there
to make money for their owners by carrying my traffic. For that
reason, I have every right to expect that great care will be taken
from one end to the other. 

This is generally true, and, in the general case, email works very well
in supporting these expectations.

Even the term commonly used to describe Internet mail transport, "best
effort", creates the expectation of reliable service. That's because
"best" means best, not second best or half-assed.

Yup!

I can't see how it could work any other way. If the Internet is
perceived as unreliable, then it will not be used to its
potential. 

Late breaking news: The Internet is not being used to its full potential
and never will be.  This is guaranteed.  Usenet is a poster child for
this tautology.  ___NO___ human system is ever used 100% efficiently.
The size of the delta varies widely and tends to scale exponentially
with the opportunity for self-interested-abuse (cf tragedy of the
commons), but is always present.

That's bad for users and lost profits for ISPs. To some degree, this
has already happened. 

Absolutely.  Currently the market pressures have visibly built, but not
enough to cause real change, and haven't yet defined themselves with
sufficient accuracy or direction to do much effective.  This will
change, but it will probably take a few more years.  

I certainly don't use it for delivery of important business documents
and neither do most other people I know. 

Ahh, I do.  A simple double ack system is quite effective in catching
transmission problems, and FedEx is always right around the corner as a
backup transport.

That's regrettable because e-mail should be inherently more reliable
than many other forms of communications.

"Should" is a wonderful word.  It covers so many socially conscious
opportunities which have insufficient direct-economic or personal
benefit justifications to ever actually happen.

Finally, you said, "you get to pick". Actually, you don't. 

Nope.  You do, its just that the cost of making that choice is high.  In
fact, people make that choice daily.  As a trite example: Car dealers
that want to work with Freightliner must install a private T1 from their
dealer to Freightliner (required by Freightliner) before they can do
electronic business with Freightliner.  

That's because there is insufficient data for most people to make an
informed decision. 

As the market has clearly stated, most people are not interested in that
decision.

Buyers deserve to know what the rules and agreements between ISPs for
Internet e-mail are and what service providers are fully compliant
with them. 

You do realise that this approaches an infinitely complex problem
description?  The very very simple case of Above.net's use of the their
own RBL BGP feed to define null routes should show this clearly.  

  My ISP had no contract, transit or peer, with Above.Net, and neither
  did my recipient's ISP.  In fact, in both our cases you had to go two
  full ISP hops away from either of us before Above.Net became involved.
  Yet, quite strangely, we couldn't exchange packets, of any form.  The
  route between us was dead.

Attempting to enforce contract agreement end-to-end in the abstract and
general case is infeasible in the general case (tho very possible as a
custom point-to-point paid-for service).  Attempting to establish full
consent for any change in operational characteristics before making
changes is ludicrous -- How many other ISPs across the planet would I
have to get to sign off?

Then they really can make a choice.

They already can.  Some, as you, make the choice to not use the 'net.
Others, as me, make the choice to use it via controlled error-detecting
protocols.

I refer you to Richard Gabriel's "Worse is Better" and Mike Meyer's
"Good Enough Is Best":

  http://www.ai.mit.edu/docs/articles/good-news/subsection3.2.1.html
  http://mired.org:8080/home/mwm/good-enough.html

They apply to more than just software systems.

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw(_at_)kanga(_dot_)nu               He lived as a devil, eh?           
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg