[Top] [All Lists]

[Asrg] 0. General

2003-10-21 06:43:34
Hello everyone!
I have a lot to say and I hope it's worth hearing....
I am new here and in the process of reading the papers I have found and 
learining the "rules" for the whole IETF deal. let me start by saying a few 
things about my background as it relates to my view on the whole "SPAM" subject.
I have been using computers and networks for at least 15 years, my first 
networks were NOVELL Lans and the local schools. in the mid-to-late90's I was 
working in Califonia for an ISP where in 3 years we went from about 2,000 
customers to over 30,000. along the way growing the email system was a major 
challenge as traffic grew.
now I am more in the database applications side of things than the network side 
of it but have done some of everything. I have done a lot of work with RADIUS 
to create SQL databases to record and search for IP useage ... sometimes it was 
needed to locate crooks.
I am not generaly in favor of "more goverment" but belive that some laws will 
be needed to help controll spam.
Ok .... on with some comments that might count:
some things I belive at this time are:
1)  make the sender "Pay Postage" will get us further than trying to filter the 
junk / spam.
2)  the SMTP email system needs to get modified to make forgery of headers very 
3)  common practice, the law and the SMTP software need to make 
"accountability" a requirement not an option.
4)  as has been stated elsewhere: classifing "SPAM" via program is difficult 
and requires constant adaptation.
5)  the problem is as much , perhaps mostly an issue of total traffic volume 
and the burden it puts on the whole community.
6)  the traffic and related handling of it costs us real money.
7)  today the recipent bears the cost of the unwanted traffic.
does anyone belive that the 7 points are wrong?
if my points are right then I would say that fighting an up-hill battle over 
classifiying spam which is technicaly very difficult and will never really be 
possible in our lifetimes unless we develop some very major computer AI systems 
is almost a waste of our time.
Instead I would say that we should shift the effort to the elements of the 
network and it's infrastructure that we can manage effectivly and then come 
back to the issues of "SPAM Vs. HAM" later on.
I would say that if we add accountability to SMTP and make it difficult if not 
impossible for the orginator to "Hide" and also perhaps make it a criminal 
issue when an originator attemtps to misdirect the reciver then we will be much 
closer to winning the spam wars.
I would adopt to some degree the model used by phone companies, when the 
originator sends more traffic to the reciver then the orginiator pays the 
reciver a fee based on the units sent.
the fee can be small for each message.
why I feel this is the right way to go:
1) it would motivate each mail system operator to care about the volume of 
traffic they generate.
2) it would shift the burden of generating high outbound traffic back to the 
orginating party.
3) it woulf give the "victims" funds to pay for the exess unwanted traffic.
4) it would shift the legal stance on dealing with the problem as follows: it 
is difficult to create a solid legal definition of "SPAM" and due to the 
inherent subjective nature of any definition leaves room for argument. also if 
we try to "Block SPAM" or "Outlaw SPAM" then they can claim unfair restraint , 
bias , censorship and so on. if we move to a business accounting basis then 
there can be no argument that the process is unfair. you have to "Pay your 
bills" if you want to use the network. and if you do not pay your bills then 
you can't keep ending me traffic. and thats not a "Blacklist" it's not 
"Censorship" and so on.... it's basic legal business practice.
I would say the the effect of this would be to reduce the total SPAM by a huge 
it would force the hidden relays, the forged headers and other garbage to stop 
or slow to a crawl.
then the reciver would know who sent them the ad for whatever and be able to 
complain to them directly. and the indiviudal would have a much simpler time 
banning the senders.
the real chalenge with this approach would be getting the right kinds of laws / 
regulations in place to allow a victim to make thier case.  but that issue is 
there now... but due to the lack of accountability and the ease of email 
forgery it places a heavy burden on the victim.
well what do you think?

Denny Figuerres
Twenty billion junk e-mail messages sent per day may
potentially take 20 billion seconds to delete. A human life is a
mere two billion seconds long. In effect, spammers kill ten
people each day.


Asrg mailing list

<Prev in Thread] Current Thread [Next in Thread>