Regarding the definition of "spam", I think it's important to note
that other things are reducing the usability of email.
One of my friends reports to me that he's presently getting some 150 spam
E-mails a day. :-(
While I get something like that E-mail volume, only a fraction of the ones I
receive are spam.
While spam control cannot aim for a complete solution to all email problems,
I agree!
...it seems to me that the majority of schemes can address annoying (often:
bulk) mail messages beyond what's commonly summed up as "spam".
My present mail filtering system attempts to deal with a lot of that annoying
stuff. For example, not only does it strip all HTML-burdened attachments out
of
my incoming messages, and does a lot of spam triage based on a variety of
rules,
but it also removes things like most sorts of ads that some mail providers add
to their outgoing messages.
For example, reliable sender tracing might help to track down MTAs sending
erroneous bounces (to header addresses) on huge mailing lists, and
many schemes also work against worms propagating via email.
Removing executable attachments from most incoming E-mails (at least from
senders who are unfamiliar or not specifically authorized to send executable
attachments) is a great way to put the bite on worms and viruses and trojans
that propagate by E-mail. If half a dozen of the biggest ISPs would implement
ONLY JUST THAT (i.e. recipients need to specifically authorize receipt of
executable attachments from specific senders) it would GREATLY reduce the
virus/worm/trojan problem.
A further evaluation point (or a more specific way of looking at the
costs) is required. On the Internet of today, ISPs and ISP personnel
who try to limit the amount of spam originating from their networks
are punished by multiple sides (spam fighting requires additional
hardware and staff, and you mainly reduce your customer base)---and
yet those who invest in spam control mechanisms despite all the
disadvantages (here I'm still talking about outgoing email) receive no
bonus by the current control mechanisms at the receiver side if
something goes wrong (and you can never quite avoid this, of course).
I think that the most practical place to implement filtering is at the
recipient
end, their ISP, and/or their domain provider. That's where the BENEFIT is
mostly felt from the filtering, so that's where the person is MOTIVATED.
That's NOT to say that ISPs shouldn't take responsibility to come down (and
HARD, and FAST) on their users which can be documented as sending spam.
On the other hand, I think that systems which rely just on cooperation
by the receiving side or the originating end user discard a lot of
potential.
Perhaps, but that potential comes at a HIGH cost and I'm not sure that the cost
justifies itself.
Finally, a rule of thumb I find pretty handy at times: does the system
actually reduce the amount of email that has to be transmitted and
read by end users? Fighting spam by generating more mail messages is
quite insane, but many people think its a solution because they chose
a restricted, local point of view.
I still like my idea of a user getting (with whatever frequency) an
automatically-generated E-mail of "mail messages being held" (along with the
specific reasons why each one is being held up) with the ability to rapidly
specify which (if any) of them should be delivered or bounced or whatever,
One of my earliest admonitions as a programmer was that "programs must not only
WORK, they must also APPEAR to work." It's important, I think, that users see
(at least in summary form) what things are being filtered out by their
established policies, so they can tune their rules or (in specific cases)
override the pre-established handling. It also can give them reassurance that
their rules ARE IN FACT catching (hopefully) the great majority of the stuff
they'd otherwise have to deal with.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg