Hello Yakov,
Many thanks for the detailed reply. Point taken on the "subject" guidelines.
Apologies to all.
A bit on my background
I'm currently working on a dissertation regarding spam - where it comes
from. To this end I've seeded 398 email addresses in various places on the
web including web pages, mailing lists and newsgroups. The honeypot is in
operation for about 3 months now and so far I have only received about 300
actual spam messages.
The major finding so far is that 80% of the spam comes from email addresses
posted to newsgroups and only 10% from web pages, despite trying to
advertise them as much as possible with the search engines. I seems that it
takes longer for the spammers to get email addresses from web pages or least
that low traffic websites are not their target.
If anyone else in the group is investigating similarly, or has any views, I
would be happy to hear from them.
many thanks,
Liam
----- Original Message -----
From: "Yakov Shafranovich" <research(_at_)solidmatrix(_dot_)com>
To: "Liam Meany" <meanyl(_at_)eeng(_dot_)dcu(_dot_)ie>
Cc: <asrg(_at_)ietf(_dot_)org>
Sent: Thursday, September 18, 2003 6:54 PM
Subject: 2. Analysis - Spam Definition (was Re: [Asrg] Spam definition!)
Liam Meany wrote:
Hello all,
Sorry for changing the subject but I was wondering if anyone knows if
there
is an offical definition from the ASRG on what spam actually is? I had a
look at the IETF website but could not find one.
Hi Liam,
First of all just a reminder to follow the posting guidelines
(http://www.irtf.org/asrg/asrg_mailing_list_information.htm). I changed
the subject of the message to comply with the guidelines.
To answer your question - we all agree that we disagree. We do not have
an official definition and are not seeking for one. Rather, we want to
leave the definiation of spam to be defined by each end-user and ISP as
they want, with the ASRG defining and evaluating different tools to make
it happen. This is reflected in the ASRG charter
(http://www.irtf.org/charters/asrg.html):
"The definition of spam messages is not clear and is not consistent
across different individuals or organizations. Therefore, we generalize
the problem into "consent-based communication". This means that an
individual or organization should be able to express consent or lack of
consent for certain communication and have the architecture support
those desires."
From the consent framework
(http://www.solidmatrix.com/research/asrg/asrg-consent-framework.html):
"This model does not concern itself with defining what spam is – one
person's spam message may be another's freedom of speech. Thus, we only
seek to define a consent framework – everything else is left to the
implementors and the users themselves."
From the technical considerations document
(http://www.ietf.org/internet-drafts/draft-crocker-spam-techconsider-02.txt)
:
<snip>
Internet mail has operated as an open and unfettered
channel between originator and recipient. It has
always suffered from some degree of abuse, in which
originators impose on recipients inappropriately. In
recent years, a version of this abuse has grown
substantially. Called spam, its definition varies from
"unsolicited commercial email" to "any email the
recipient does not want". Often there are no technical
differences between spam and "acceptable" email. Their
format, content and even aggregate traffic patterns may
be identical. Hence spam is a problem for fundamentally
non-technical reasons, yet the Internet technical
community must pursue technical responses to it. The
lack of strong community consensus on a single, precise
definition makes this particularly challenging.
For most working discussions, the term "Unsolicited
Bulk Email" is sufficient. The salient point that it
is a mass-mailing ensures that discussion covers the
broadest concern of the user and provider
communities. Mail that is not in some real sense "bulk"
cannot flood networks or mailboxes. Essentially all
mail that people object to, as "spam", is bulk. For
example practically all objectionable advertising mail
is also bulk, although modern techniques for targeted
advertising can permit extensive content or address
tailoring. "Bulk" is usually very difficult for an
individual recipient to prove, but almost always easy
to recognize in practice.
More detailed discussion must, of course, be precise in
the definition of "unsolicited" and usually must
distinguish between different types of mail, such as
commercial, religious, political or personal.
<snip>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg