ietf-asrg
[Top] [All Lists]

Re: [Asrg] Proposal for transition to authenticated email

2003-04-29 10:36:41
At 12:45 AM -0400 4/29/03, Ken Hirsch wrote:
 > Never mind small ISPs.  What about *companies*?  There are several
 orders of magnitude more of them running mail servers than ISPs.
 What are they supposed to do?

If they can't afford the certificate, forward through their ISP. That's what most
small businesses do now.  It's no great hardship.

Do you have any numbers to back up that? My personal experience is that I know hundreds of small business that are providing their own email through DSL and other providers. In most cases the ISP doesn't provide more than 1 to 4 email addresses, and none using the customer's domain. What makes you think that is rare?


 > >They may well object, but I'm under no obligation to accept them,
 > >either.  My proposal is not to make any of these policies mandatory, but
 > >only to mandate authentication and truth-in-labeling.

 No, *you* don't have to accept them.  But a solution which leaves out
 every major bulk mail company, all the major etailers, not to mention
 your local bank, is not likely to fly very far.

I must not have made myself clear. It is the _recipients_ that decide what policies are acceptable. If senders choose policies that aren't acceptable, their messages
won't get through.

A proposal which is unacceptable to all the major email senders is by definition unacceptable for the receivers. If the receiver's adopt it enmass--they get none of the email they want. You *must* have buyin from the senders before you flip the "block non-compliant email" switch. Otherwise your false positive rate is unacceptable to the majority of customers.

We can talk all we want about the recipient being in control--but the fact of the matter is that they only power they have right now is to walk away from the table and stop receiving any email. New standards will involve negotiation between the major parties, not mandates from an RFC. (And unfortunately, the recipient is only indirectly represented at the table, through the major ISPs.)
--
Kee Hinckley
http://www.messagefire.com/          Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>