ietf-asrg
[Top] [All Lists]

[Asrg] Proposal: Separate ISP(s) for "guaranteed delivery" of email

2003-06-23 04:16:45
On Fri, Jun 20, 2003 at 11:23:09AM -0400, Yakov Shafranovich wrote

 From the charter:
"The definition of spam messages is not clear and is not consistent
across different individuals or organizations. Therefore, we
generalize the problem into "consent-based communication". This
means that an individual or organization should be able to express
consent or lack of consent for certain communication and have the
architecture support those desires. "

We have no architecture in place for consent-based communications.
First lets develop that architecture, and than we can decide what
goes into it.

  This posting contains a mixture of social/legal/business commentary,
and technical solution.  The social/legal/business commentary is an
explanation of why we need a technical solution, and the bad
consequences resulting if we don't come up with that technical solution.

Business commentary
===================
  Some businesses foolishly rely on email, and cannot function without
it.  Email never has been "five-nines" dependable, is not "five-nines" 
dependable now, and (given its current architecture) never will be
"five-nines" dependable.  Deal with it.  A serious business would never
consider hosting on an el-cheapo website or using an el-cheapo email
provider.  They get the best they can afford, along with an SLA (Service
Level Agreement).  They send out email from a "high-availability" email
provider, with SLA, to customers who happen to be on... wait for it...
el-cheapo $10/month dialup ISPs, or even freebie ISPs.
  The chain is only as strong as its weakest link, and things break down
at the residential ISP end.  El-cheapo ISPs have 5-megabyte inboxes, and
freebie services may only allocate 2 megabytes.  And when your inbox is
full, everything incoming bounces.  Given customer complaints about spam,
plus trying to conserve disc space and bandwidth, the residential ISP
has no choice but to institute some form of blocking.  Barring the
development of computer clairvoyance, there will be collateral damage.

Social commentary
=================
  Marketers are pathological in their inability to take "NO" for an
answer.  They will abuse any system to the maximum extent possible to
get their way.  They would prefer opt-out, but they will abuse opt-in, I
guarantee it.  Real life examples...

  A) A common occurence on the news.admin.net-abuse.email newsgroup is

     Step 1) a "permission-based-mailer" whining about being blocked.
             After it's pointed out that they're sending unsolicited
             email, i.e. spam, they swear up and down that they are
             really, really, really "double-opt-in".

     Step 2) after people trot out their logs showing huge numbers of
             of delivery attempts to *NON-EXISTANT* addresses, which
             couldn't possibly have replied to a subscription confirm
             request, the story changes to "but, but, but, our customer
             swears up and down that it's a double-opt-in list".

     Step 3) Later it changes to "The guy who sold our customer the CD
             of umpteen million email addresses in a back alley swore
             up and down that they're all double opt-in".

  B) Slamming; i.e. the practice of some long distance providers getting
     you switched to their service when they falsely claim that you
     requested the switch.  This is morally equivalent to the lie that
     "you opted in to our mailing list".

Legal commentary
================
  As I pointed out in "Business Commentary" there are businesses that
depend on email.  They will press for some form of guaranteed delivery
to keep their businesses functioning.  I fear that the result will be
some sort of "must-carry" legislation.

Consequences
============
  Kiss personal email good-bye as your inbox gets mailbombed into
oblivion by marketers *claiming* that you opted in (slammers and
spammers are similar in that regard).  Up till now, blocking has kept
email usable.  The legislated removal of blocking means chaos.

  The spammers-in-pinstripe-suits will push for "must-carry" legislation
for their own reasons.  I fear that email-depandant businesses will be
what Stalin called "useful idiots" for the revolution.  They will think
they're acting in their own interests, but they'll actually end up
furthering the cause of marketers.

How to Avoid This
=================
  The marketers will always push for "must-carry".  What we must do is
present a technical solution that guarantees delivery of essential
business-communication email, such that universal "must-carry"
legislation is seen by legitimate (non-marketer) businesses to be
unnecessary.

The Proposal
============
  Business phone lines cost more than residential phone lines, and ditto
for business versus residential ISP connections.  The best analogy is
regular paper mail.  Ordinary letters are often insufficient for
business and/or legal purposes.  If you want to guarantee speedy
delivery (or delivery, period) you expect to pay extra for registered
mail or for a courier.  Businesses will probably accept "business ISPs"
that guarantee delivery *TO CUSTOMERS OF THAT OR ANOTHER BUSINESS ISP*.

  I am suggesting a major paradigm change.  Up til now people have been
used to "THE email system".  My proposal is to rename "THE email system"
to "Personal Email" and create a parallel system called "Business Email".
"Business Email" would cost extra, and *TRANSMISSION* would be only via a
per-email and per-megabyte user fee.  The general public could join with
free "read-only" accounts, with the option of sending one-off messages
for a low fee.  This would literally be the best of both worlds...

  - businesses would be guaranteed the delivery of important documents
    because business ISPs could charge sufficient fees to finance a
    sufficiently robust infra-structure.

  - today's email system, used by Grandma to keep in touch with the
    grandkids, wouldn't have to be totally perverted for the sake of
    big business.

  General chit-chat and even business queries could be done via personal
email.  Guaranteed delivery and irrevocable proof-of-receipt would be
strictly over business ISPs.  Rather than universal "must-carry",
residential ISPs would only be faced with "must-allow-client-access" to
business ISPs.  This would mean not blocking SSL or SSH or VPN or
webmail or any other access *ORIGINATED BY CUSTOMERS OF THE PERSONAL ISP*
connecting to the business ISP.  This does *NOT* include SMTP delivery
of email from a business ISP to a residential ISP.

  Many details remain to be filled in.  Comments, suggestions ?

-- 
Walter Dnes <waltdnes(_at_)waltdnes(_dot_)org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>