ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] RE: 6. Proposals - Pull System (revisited)

2003-11-29 16:17:33
from [Hallam-Baker, Phillip] [Permanent Link] 
Whether or not pull eliminates spam is besides the point.

Pull eliminates false positives which are a serious problem for email
broadcasters. It does not matter how good some spam filter might be in
theory, if you are on the sending side you have to deal with the rubbish
people use, or more accurately their ISP uses.


                Phill


-----Original Message-----
From: Scott A Crosby [mailto:scrosby(_at_)cs(_dot_)rice(_dot_)edu]
Sent: Saturday, November 29, 2003 1:34 AM
To: Yakov Shafranovich
Cc: Chris; Hallam-Baker, Phillip; Asrg(_at_)ietf(_dot_)org
Subject: Re: 6. Proposals - Pull System (revisited)


On Wed, 26 Nov 2003 18:05:13 -0500, Yakov Shafranovich 
<research(_at_)solidmatrix(_dot_)com> writes:


Chris wrote:

this is a research group. we should research and then make
recommendations


This is an engineering workgroup, not a fantasy land workgroup.
The scope is
control of spam. Any protocol changes have to be feasible.

BEFORE you propose throwing out SMTP you have to explain 

exactly what is

wrong with it and the reason why incremental change is 

not possible.

Please re read my original post



I do not intend to throw out SMTP they are your words
pull *IS* smtp
with two extra steps outgoing request and incoming accept/deny
both can use the current infrastructure UNCHANGED




The question is how is going to help stem spam. That needs to be
answered before going into minute details of implementation.



Pull might help stop spam. Right now, a sender system only has to
exist to inject a single message for it to get through. With a pull
mechanism, the sender must remain at a stable IP address for at least
a few hours to a few days. Sending systems can't be ephemeral anymore.

By a pull system what I mean is a system where a sender pushes an
announcement that a message is ready. A recipient then 'pulls' the
message from the sender at a later time just as they are. The push
message contains a nonce for retrieval and a cryptographic digest of
the message.

With a pull system, you can 'retroactively' block access to messages
sent from malicious serveres, by exploiting the hours or days between
being sent and being read. This is because the messages have yet to be
distributed to a million mailboxes.

Whether or not this is worth a protocol change I won't say, but it is
another mechanism.  I hate to say it, but from reading ASRG, people
seem unwilling to make hard choices. 

Scott



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 6. Proposals - Legal - Subject labeling; do-not-spam list; banners, Matthew Elvey
Next by Date:  Re: [Asrg] 6. Proposals - Legal - Subject labeling; do-not-spam list; banners, Eric S. Raymond
Previous by Thread:  [ASRG] Re: 6. Proposals - Pull System (revisited), Jon Kyme
Next by Thread:  Re: [Asrg] RE: 6. Proposals - Pull System (revisited), Yakov Shafranovich
Indexes:  [Date] [Thread] [Top] [All Lists]