Brett Watson wrote:
I started writing a point by point response to the previous message in this
thread, but abandoned it halfway through as it appeared to be degenerating
into extreme silliness. I'll therefore make a brief "closing argument"
instead.
In the fight against spam, it is worth considering the use of a pull-based
transfer of data at some point in the protocol for the following reasons.
1. It defeats the exploitation of open HTTP proxies and other one-way address
hiding schemes; the sender must take a server role.
2. It can act as an improvement over greylisting, since the recipient is in
control of the callback attempt, rather than waiting passively.
3. It could be incorporated into SMTP in an evolutionary manner if desired.
4. It need not present significant new exploit paths for spammers.
Brad Knowles has raised many objections to my defence of "pull" in this thread
so far, quite a few of which I have left unanswered. I intend to leave them
that way: I disagree with them, but addressing them would probably get me
nowhere with Brad, and bore the remainder of the list. Therefore, I rest my
case.
If anyone (other than Brad) feels that my argument is weak in some way, I'll
be happy to consider the issue, either off-list or on.
KEEP IN MIND that pull is being considered for many applications that
were prior carried over email such as newsletters which begun to migrate
to HTML and RSS. If anyone considers the "pull" proposal viable for
specific applications or even for email, then a document summarizing
pros and cons would be useful. This document should include input from
both side of fence and take the req. and tech. considerations document
into account.
And Brad and Brett - thank you for keeping your cool! In the past many
conversations like this have deteriorate into flame wars. This is a mark
of improvement for the entire group.
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg