ietf-asrg
[Top] [All Lists]

RE: [Asrg] 6. Proposals - Pull System (revisited)

2003-11-26 06:18:26
http://www.ietf.org/internet-drafts/draft-crocker-spam-techconsider-02.txt calls the idea of replacing smtp "appealing" for a number of reasons. I think this long-range idea is within the scope of this group. In fact, I recall that there is some work to evaluate smtp security in light of other types of systems. So, it seems that this idea should not be taken out and shot but should be considered along with other long-range approaches to electronic mail.

Mark
At 08:42 PM 11/25/2003, Chris wrote:

>
> However, the single overriding concern about such system is deployment.
> This is the same problem that faces anyone who wants to replace SMTP
> with a different protocol, push or pull, such as the various AMTP
> variants discussed earlier on. Majority of folks think that complete
> replacement of today's SMTP infrastructure would take too long and be
> too costly, while easier and almost as effective solutions exist.
>

This is one of the main reasons I am for a "pull" system based on smtp
rfc821
it is do-able, requires limited software replacement and can be achieved in
a reasonable time frame (2yrs?)

If software vendors (and I agree with Phill, this is an *if*) get on board
it can be a part of their next "upgrade"

it does not require any fundamental change to the system

just some additional commands on top of the already functioning system

Remember my version does not require the POP client to do any work.
All work is done by the SMTP hosts.
the recipient (client) does not pull the messages the smtp host does that.

the POP client e.g. ms outlook needs no modification

For an example on the uptake of similar technology, how many server
implementations still use http/1.0?

Pull retains the "openness" of the current system. but ultimately flips the
coin from push to pull
and delivers the choice to the recipient not the sender.

Spammers can still spam to their hearts content.

if they follow the rules their mail will get delivered to those who want it.

if they don't follow the rules they receive a reminder of what the rules are
(message denied).

if they continue to cause problems legislators can use the "class"
header/command as the basis for drafting laws designed to stop mail abuse.

e.g. porn vendors sending unsolicited e-mail that ends up in childrens mail
boxes

So an SMTP PULL server configured for a child would have a "class/adult deny
all" setting
if the sender classifies the pornographic email as a "class/general" then it
could be actioned and a conviction sought and got.


>
> The problem with SMTP is not unique to that protocol itself, it is also
> found in other protocols and the structure of the Net itself - every
> user on the Net is inherently trusted by the network. That allows spam,
> trojans, viruses, DDOS attacks, etc. That problem need to be though
> through not just for spam, but for the Internet as whole.
>

This is most definately true.


Chris


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg