ietf-asrg

Re: [Asrg] Willful and intentional misunderstandings

2003-05-11 00:03:52
mr>Hmm, perhaps "rate limiter" was too strong a word.  I only meant that RMX
mr>gives admins the ability to deploy a safety valve, when and where they
mr>want to.  As a user, I would appreciate such a thing, just as I appreciate
mr>it when my credit card company double-checks before approving an
mr>unusually-large purchase.  Nobody's proposing that we start imposing some
mr>arbitrary limits on people's ability to send legitimate email.

ys> How would such a safety valve work? The admin contacts the user, or looks at
ys> the outbound SMTP traffic?

I was thinking along the lines of contacting the user with a
message like this:

------------------------------------------------------------------------

    Dear customer,
    
    We apologize for this intrusion.
    
    Our systems indicate that your computer attempted to send a large
    number of emails over the last ten minutes.  Because unusually
    large volumes of outbound email sometimes indicate the presence of
    a computer virus, we wanted to check with you before proceeding.

    These and further emails will be placed in a temporary
    quarantine while we await your instructions.  We respect your
    privacy, and will not read or otherwise disclose the messages
    without your permission.
    
    Please call (800) 123-4567 at your earliest convenience so that
    we may process your request without further delay.  We appreciate
    your business and look forward to serving you again in the future.
    
                       --Your friendly email service providers

    To change your notification settings, please go to:
    https://www.exampleisp.com/my_account_settings/web_form.php

------------------------------------------------------------------------

A well-designed safety valve might be a feature worth advertising to
customers; it has perceived value and helps reduce spam.  Think back to
the credit card analogy again--unusual behavior alerts are billed as
something of value to the customer, while at the same time reducing losses
for the company.  Of course, the admins must be careful to avoid imposing,
hence "large number of emails" and time period will be different for each
user.  They should be given reasonable default values, and the
notification limits could even be changed by the users themselves, as
indicated by the secure web link in the example above.

It is in this sense that I believe RMX (Danisch) and RMX-like proposals
(Vixie, Fecyk) have the ability to limit the spam effect of poorly-secured
desktop machines.

Mike

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
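
The safety valve described in this message, sketched as an added example (not part of the original post and not code from any RMX proposal): a per-user sliding-window counter that quarantines outbound mail and sends one notice once a user's limit is exceeded. The class and method names, the default of 50 messages, and the `notify` callback are assumptions for illustration; the ten-minute window comes from the sample notice.

```python
import time
from collections import defaultdict, deque

DEFAULT_LIMIT = 50     # messages per window (assumed default, not from the post)
DEFAULT_WINDOW = 600   # seconds: the "last ten minutes" in the sample notice


class SafetyValve:
    """Per-user outbound volume check that quarantines mail instead of dropping it."""

    def __init__(self, notify):
        self.notify = notify                 # hypothetical callback: notify(user, count, window)
        self.limits = {}                     # user -> (limit, window) set by the user
        self.sent = defaultdict(deque)       # user -> timestamps inside the window
        self.quarantine = defaultdict(list)  # user -> messages held for instructions
        self.tripped = set()                 # users currently awaiting a callback

    def set_limit(self, user, limit, window=DEFAULT_WINDOW):
        if limit < 1 or window < 1:
            raise ValueError("limit and window must be positive")
        self.limits[user] = (limit, window)

    def submit(self, user, message, now=None):
        """Return 'deliver' or 'quarantine' for one outbound message."""
        now = time.time() if now is None else now
        if user in self.tripped:             # valve already open: keep holding mail
            self.quarantine[user].append(message)
            return "quarantine"
        limit, window = self.limits.get(user, (DEFAULT_LIMIT, DEFAULT_WINDOW))
        stamps = self.sent[user]
        while stamps and stamps[0] <= now - window:
            stamps.popleft()                 # forget sends older than the window
        stamps.append(now)
        if len(stamps) > limit:
            self.tripped.add(user)
            self.quarantine[user].append(message)
            self.notify(user, len(stamps), window)  # one notice per trip, not per message
            return "quarantine"
        return "deliver"

    def resolve(self, user, release):
        """After the customer responds: release the held mail or discard it."""
        held = self.quarantine.pop(user, [])
        self.tripped.discard(user)
        self.sent[user].clear()
        return held if release else []
```
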