ietf-asrg
[Top] [All Lists]

Re: 3. Requirements - Anonymity (was Re: FW: [Asrg] 0. General)

2003-10-28 10:19:46
Jonathan A. Zdziarski wrote:
Eric Dean wrote:
Regarding consumer access, most ISPs place port 25 filters on their
access lines.  A sender can only send email to a subset of email relays.
This works moderately well.  Most spammers have many alternatives for
sending email (see item B) rather than via the ISPs mail server
specified within the port 25 access list.

(I'd disagree with the statement that 'most ISPs' filter port 25, but
whatever ;-)

However, if restricted by alternatives will spammers try to go through 
the ISP and will that lead to the ISP cutting down on anonymity?

Being that a majority of spammers who use ISP accounts are either using
stolen accounts, or accounts they purchased with a pre-paid credit card,
I submit that even if the ISP cracks down on anonymity and is able to
identify the user on their system, the spammer will still be able to
maintain complete anonymity as a result of their utilization of the
account.

So then we're back to square one: we've authenticated a user at an ISP
who doesn't really exist in real life =)

The issue here is that accountability facilitates a web of trust (or web
of distrust) - if that ISP is known to give out anonymous accounts, then
a recipient can choose that their 'view of the internet' shouldn't
include receiving mail from users at an ISP with that policy.

This is quite comparable to the phone company offering you the option of
blocking calls from people whose caller-id information is not available.

                                                        David


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>