No. I think that INITIALLY, spam is going to stay HTML-burdened (and a
result,
nearly all of it would be trashed if sent to permission-list-protected
recipients). After some time, spammers will realize that HTML-burdening
their
spam is the 'kiss of death' and they'll stop doing that.
I do not believe that it will take spammers too long to switch to plain
ASCII.
Agreed. And once they do that:
I believe someone on the list has stated that spammers are monitoring the
working group and in the last 60 days there have been significant changes
in spam based on our discussions here. When I mean that they will switch to
plain ASCII, I was not talking about on the order of years, rather DAYS or
WEEKS. By the time you can implement base64 blocking, spammers will already
be using plain ASCII. All you will do is irritate lots of users.
If spam actually represents (as some ISPs have claimed) as much as 80% of their
incoming E-mail, and if by switching to plain ASCII text you cut that volume by
something like 70%, then you've cut the ISPs' E-mail bandwidth and storage
costs
by a HUGE amunt.
I think you'll also HUGELY reduce the opportunity for spammer misrepresentation
and abuse, thus dissuading at least some spammers.
All in all, I think that the resulting decrease in spamming will be HANDSOME
payback for the [very!!!] minor adjustments it might require in user habits.
1) Their spam will be less effective;
How?
They won't be able to make use of links which purport to point somewhere and
actually point somewhere else;
They won't be able to preclude content keyword filters by sending text as GIF
or
JPG images;
They won't be able to use scripting, ActiveX, web services or other malicious
coding in their spams;
They won't be able to use many of the other "hiding/obfuscation" tricks (nearly
all of them HTML-based) that spams so commonly today employ.
And that's just a few... but I've already discussed this stuff here before, I
shouldn't have to go over it time and time again.
2) their spam will be more easily dealt with by content filters;
How? Spammers send HTML encoded mail on the assumption that the MUAs are
able to parse it. What is easier to do: make content filters be able to
parse everything MUAs can, or block HTML encoded mail over the Internet
completely.
I'm not proposing that HTML-burdened E-mail be blocked "completely". I'm
suggesting that it should BY DEFAULT be blocked from UNAPPROVED/UNTRUSTED
senders, on a recipient-by-recipient basis. Recipients could enable either/or
HTML, and/or attachments, and/or encoded text on a sender-by-sender basis.
This
returns control to the receiving user (where it belongs!) and ends up taking
the
great majority of most unwanted spam and routing it either back to the sender
(bounceback) or straight into the bit bucket.
I believe the first one is easier since there are few companies
that make filters many of which already able to parse and process base64,
HTML, etc.
It's not all that difficult to handle HTML, but in the end analysis it's not as
if you NEED to do that. Most all E-mail that arrives UNEXPECTEDLY from
UNKNOWN/UNTRUSTED senders (AND that is spam!) is HTML-burdened. There is
little
or no need to send INITIAL CONTACT messages in less-universal HTML-burdened
mode.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg