Re: [Asrg] The Solution To Spam - The First Response
2003-06-28 08:50:59
At 3:47 AM +0000 6/28/03, Mark McCarron wrote:
The graphic is for email clients such as Outlook
express and Eudora, etc. A new graphic is
downloaded for each email. The system has no
intention of stopping legitimate email even
automated systems. They just register with an
'EAS' provider and all mail is sent through it.
Legitimate businesses will have to provide legal
company registration details (such as reg.
company number, etc). They receive a special
code, upon agreeing to a legally binding
This list has had this type of discussion before.
Those are approximately the requirements
necessary for an SSL certificate. SSL
certificates currently last one year at about
$100/cert. The margins are such that virtually
no background checks are done. And of course
there is no revocation, arbitration or
verification done for how you use it afterwards.
I would guess that, at a minimum, the level of
support you are requesting would result in a fee
on the order of $1000/year in order to support
the necessary infrastructure and support needs.
It might be somewhat lower because the volume of
sales would be many orders of magnitude higher
than SSL certs, but I can't see it being any
cheaper.
Additionally you need another class of
certification there, and I don't know how you're
going to do it. Mail servers are run by many
people, not just "registered" companies.
Validating a random individual is even harder
than validating companies. (Never mind what
happens when you have someone like a friend of
mine, a long-time security expert, who has never
owned a credit card in his life.)
Excellent points. Let's deal with the first
one, there is millions of mail servers in the
world, however, all these mail servers have one
thing in common, they are linked to the internet
backbone via some form of ISP. This is why I am
referring to ISPs. Therefore, we take this
common point and
Yes and no. There are millions of mail servers.
Those mail servers are connected through an
"ISP". However in the case of most company
connections that ISP does *not* currently provide
email service (or if they do, not at the QoS
required by the company). So you are asking all
of those ISPs to start providing a service that
they don't currently provide at all, never mind
how you are going to integrate that into the
company email servers.
independant body. If set up in partnership with
the largest email and ISP providers, then the
rest of the industry would be assured of its
reputation,
Let's see. That would be AOL and Microsoft. What am I assured of? :-^
furthermore, the system must operate within
legal boundries. Mailing lists must be
associated with a bonafide website, also they
must contact 'GIEIS'
What is a "bonafide" website, and how do you tell?
directly for setup. A credit card will be
required and a $1 (£1) charge will be made to
it. Also, a mailing adress and telephone
contact information would be required. They
will receive a written copy of the 'Terms of
Service' which they must sign and send back to
'GIEIS'. Upon reception 'GIEIS' will implement
the account with their ISP. The emails then
sent will be analysed by heuristics. Each
message will also be parsed for HTML code, such
as IMAGE tags and jpg, bmp images. As the
majority of mailing systems use either ASCII or
UNICODE text only, spam can be detected, blocked
and the offender's credit card billed with a
fine. I have not placed estimates on the cost
of implementation. The industry is loosing $12
Billion a year, even if the partnership spent $1
Billion per year (an outragous amount) they
would still be saving $11 Billion. The
'beancounter' (accountants) would love that.
There are several problems here.
First of all, when you see all those numbers
about "losing" $12billion, they don't mean that
literally. They are talking about productivity
costs and opportunity costs and such. The "fact"
that spam costs $12B does not mean that companies
have $12B to spend if it went away. Furthermore,
the costs of spam are spread over millions of
people, whereas the costs of your service are
focused on a much smaller group of companies.
Also, you need to rethink the scale of the email
system. You are envisioning centralized systems
using complicated software to analyze the content
of email messages. First of all--there's no way
in hell anyone is going to allow a third party to
analyze the content of their email. Secondly,
the existing mail system carries billions of
messages a day. The infrastructure to analyze
that kind of flow simply does not exist, nor is
likely to.
True. However, there will most likely be a
period of introduction, for example 6 months.
Then there will be a D-Day from which point, the
system becomes exclusive. This will force the
rest of the industry to adopt or face not being
able to communicate with other networks. The
result of non-compliance would be the loss of
their customer base.
Millions of end users would have to update their
software (if it's possible--often, especially in
the third world, they may be running machines and
operating systems which are no longer supported).
Millions of MTAs changed. ISPs implementing new
software that has never been tested. Entirely
new business relationships with all of the ISP
clients. New requirements on how email is
routed, with all company email going through
centralized servers that didn't exist before.
The creation of an extra-govermental organization
with the ability to put any company out of
business at a whim.
This isn't an anti-spam proposal. It's something out of George Orwell :-).
blind and severely visually impaired. We have
not forgot about this highly important client
base. Such as a simple puzzle in brail,
something that would be difficult to automate
for but simple enough for a human to do.
Umm. Blind computer users do not use braille to
read the screen. They use screen readers that
read the text to them. But anyway, I'm sure you
could deal with it.
However on the whole, I would say that the
proposal is socially, politically, commercially
and technically impossible to implement. It
makes incorrect assumptions about how people use
email, how they update software, how companies do
business, how ISPs do business, how email travels
from point a to point b and who sends it.
--
Kee Hinckley
http://www.messagefire.com/ Anti-Spam Service for your POP Account
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
|
|