Thanks to Walter Dnes for his interesting and helpful list of some of the
tricks
that HTML offers to spammers.
One he didn't mention is the trick of using not only just HTML comments (valid)
to br{!-- --}eak up key{!-- --}words but also the increasing practice of using
comp{asdf}letely bo{xy
z}gus HTML tags for similar purposes.
Yeah, okay, I substituted characters... just so not to trigger spam detectors.
:-)
[snip]
If they want "high quality" e-mail there are a whole variety of options,
going well beyond HTML. One is to send .DOC files (which can be read with
freeware viewers), another is Adobe PDF files.
These options are way worse than HTML.
Yeah, but in exchange they're less likely to be [ab]used as often, and they DO
unarguably yield much better control over final page layout.
...Word documents are proprietary, and I don't know any program
which can display them reliably except MS Word (and then only the same
version which was used to write it).
There are freeware word viewers for download for most platforms, and anyhow
that's only one of several options. Point being that if you REALLY are
concerned about "pretty" layout and absolute format control, there ARE better
ways to achieve that.
PDF files assume a fixed page
layout: My 21" monitor is capable of displaying a whole A4 page in a
readble font size. a 17" monitor usually isnt, and a palmtop doesn't
stand a chance.
Again, sure. HTML was designed to display an 'appropriate' and meaningful
result (even if not known to the sender) regardless of the displaying device.
No surprise that it works well for that.
But not everybody wants the bulk in exchange for the often-limited additional
value (and VERY MUCH not justified risks) and they ought to be given the option
of not accepting it.
Also, Word and PDF generally are a lot larger (even
though HTML produced by editors is often extremely bloated).
Absolutely. These should be used ONLY when *needed* (and they rarely are, for
most folks).
I agree fully, that HTML is usually unnecessary and has little benefit
over plain text, but suggesting the use of Word or PDF instead of it is
replace one evil with an worse one.
Thanks for the concurrence. Again, I'm only pointing out that if you MUST have
fine control over appearance and formatting, any of a variety of technologies
work better. (Hopefully, that's for RARE use on an when-needed basis).
And if they REALLY WANT to use HTML, another approach without most of the
bulk is to put it up on a Web server (using an 'unguessable' URL) and E-mail
(as plain ASCII text) the URL to the intended recipient.
For normal mail, I think that's a really stupid idea.
Depends on the situation.
For a newsletter going out to 150,000 people, I think it's a FINE idea.
As much as I hate HTML-burdened E-mail, I'm *almost* leaning toward suggesting
it to one of my clients... as an optional way to send nice-looking invoices and
such with their graphic form overlay (the graphic form overlay would be a
'background image'). But a perhaps interesting alternative would be to put the
invoice up as a file on a Web server somewhere, and send the user the
hard-to-guess URL of 'their' invoice page.
I agree that it's less interesting for casual users who thoughtlessly thought
it
might be cool to put one word of their email message in boldface or italics.
(It goes a bit
into the direction of message/external-body or Bernstein's IM, but
without automatic retrieval by the MUA, that's a sure way to get your
e-Mail ignored).
Such "automatic retrieval" tends to ignore the concerns and issues of people
who
prefer to read their E-mail offline, perhaps because they pay for their
Internet
connection by the minute.
[Of course, by the same token, the flip side of that is that for the SAME
reasons, they might PREFER to have the stuff just arrive in their E-mail,
rather
than having to reconnect to retrieve it later as a separate operation...
concerns like that is part of why the control needs to rest in the hands of the
recipient.]
It is feasible if the document at the URL meaningful
outside of the context of the email (Like: "I wrote up the minutes of
the last meeting. You can find them at $url").
Sure, that's one example where the HTML is probably better NOT embedded in the
E-mail.
[snip]
I wholeheartedly agree that unnecessary use of HTML in e-mail is
stupid. I completely concur that HTML e-mail is generally a waste of
bandwidth.
Thanks for agreeing. :-)
However, as far as I can see these arguments over how
technically awful HTML e-mail is are irrelevant to this list, because
it's not going away and even if it did spam would just go back to being
plain text.
Spam going back to being plain text would reduce spam volume by probably 70% or
more, and if spam represents 80% of the total E-mail load arriving at some
ISPs,
it's hard to claim that there's no value in achieving that.
(In fact, all the spam that's made it through my filters this week has
been plain text.)
Cool. I'm not going to ask you how achieved that, but I think that more and
more ISPs (and perhaps corporations) are going to use similar kinds of
strategies to filter out more and more of the HTML-burdened spam.
[snip]
We can filter keywords, and spammer will avoid using those keywords. We
can do IP blacklist, and spammer will avoid using those blacklist. We
can ban HTML and spammer will start using plain text. etc etc.
The nice part about them using plain text is that in one fell swoop, we've
denied them A WHOLE RAFT of their deceptive tricks, and in a way that they're
not likely going to find some new "creative" [ab]use of HTML that we hadn't
envisioned and needed to block individually. Gives them very little 'wiggle
room' to avoid the filtering.
So, either you have an adaptive (and thus fuzzy) solution or we need to
think out of box.
I think my solution IS thinking 'out of the box' (compared to the other more
technically esoteric solutions I've seen bandied about). I see it as providing
a fast, nearly guaranteed payback (both for ISPs and their customers) and
without requiring a realistically speaking unattainable consensus.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg