Hello everyone!
I have a lot to say and I hope it's worth hearing....
I am new here and in the process of reading the papers I have found and
learining the "rules" for the whole IETF deal. let me start by saying a few
things about my background as it relates to my view on the whole "SPAM" subject.
I have been using computers and networks for at least 15 years, my first
networks were NOVELL Lans and the local schools. in the mid-to-late90's I was
working in Califonia for an ISP where in 3 years we went from about 2,000
customers to over 30,000. along the way growing the email system was a major
challenge as traffic grew.
now I am more in the database applications side of things than the network side
of it but have done some of everything. I have done a lot of work with RADIUS
to create SQL databases to record and search for IP useage ... sometimes it was
needed to locate crooks.
I am not generaly in favor of "more goverment" but belive that some laws will
be needed to help controll spam.
Ok .... on with some comments that might count:
some things I belive at this time are:
1) make the sender "Pay Postage" will get us further than trying to filter the
junk / spam.
2) the SMTP email system needs to get modified to make forgery of headers very
difficult.
3) common practice, the law and the SMTP software need to make
"accountability" a requirement not an option.
4) as has been stated elsewhere: classifing "SPAM" via program is difficult
and requires constant adaptation.
5) the problem is as much , perhaps mostly an issue of total traffic volume
and the burden it puts on the whole community.
6) the traffic and related handling of it costs us real money.
7) today the recipent bears the cost of the unwanted traffic.
does anyone belive that the 7 points are wrong?
if my points are right then I would say that fighting an up-hill battle over
classifiying spam which is technicaly very difficult and will never really be
possible in our lifetimes unless we develop some very major computer AI systems
is almost a waste of our time.
Instead I would say that we should shift the effort to the elements of the
network and it's infrastructure that we can manage effectivly and then come
back to the issues of "SPAM Vs. HAM" later on.
I would say that if we add accountability to SMTP and make it difficult if not
impossible for the orginator to "Hide" and also perhaps make it a criminal
issue when an originator attemtps to misdirect the reciver then we will be much
closer to winning the spam wars.
I would adopt to some degree the model used by phone companies, when the
originator sends more traffic to the reciver then the orginiator pays the
reciver a fee based on the units sent.
the fee can be small for each message.
why I feel this is the right way to go:
1) it would motivate each mail system operator to care about the volume of
traffic they generate.
2) it would shift the burden of generating high outbound traffic back to the
orginating party.
3) it woulf give the "victims" funds to pay for the exess unwanted traffic.
4) it would shift the legal stance on dealing with the problem as follows: it
is difficult to create a solid legal definition of "SPAM" and due to the
inherent subjective nature of any definition leaves room for argument. also if
we try to "Block SPAM" or "Outlaw SPAM" then they can claim unfair restraint ,
bias , censorship and so on. if we move to a business accounting basis then
there can be no argument that the process is unfair. you have to "Pay your
bills" if you want to use the network. and if you do not pay your bills then
you can't keep ending me traffic. and thats not a "Blacklist" it's not
"Censorship" and so on.... it's basic legal business practice.
I would say the the effect of this would be to reduce the total SPAM by a huge
amount.
it would force the hidden relays, the forged headers and other garbage to stop
or slow to a crawl.
then the reciver would know who sent them the ad for whatever and be able to
complain to them directly. and the indiviudal would have a much simpler time
banning the senders.
the real chalenge with this approach would be getting the right kinds of laws /
regulations in place to allow a victim to make thier case. but that issue is
there now... but due to the lack of accountability and the ease of email
forgery it places a heavy burden on the victim.
well what do you think?
--
=============================================
Denny Figuerres
Denny(_at_)Figuerres(_dot_)com
---------------------------------------------
Twenty billion junk e-mail messages sent per day may
potentially take 20 billion seconds to delete. A human life is a
mere two billion seconds long. In effect, spammers kill ten
people each day.
--
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg