However, many of you are correct in stating that the needs of Internet
users is what determines change. The question is who are the users? Is
it the ISPs, or perhaps the backbone operators? Or is it the
end-users?
The end users are the ones I care about.
I have not heard the ISPs asking for a solution to their problems, they
have been asking for a solution to their end-user's problems.
Why should we care about the end users and ISPs, if they do not care
about the rest of the Internet? A lot of spam is being sent by
hijacked machines. MyDoom spread like wildfire around the Internet, not
because of some security hole in MS Windows, but because ignorant users
clicked on the attachements.
The customer is always right, even when they are wrong.
I have an inbox full of MyDoom spam sent by McAfee, Symantec and the rest.
All taking the opportunity to advertise their product just because my
email address has been impersonated by MyDoom.
The MyDoom virus itself had no effect on me, it was all trapped in my
virus filters. I am getting 100 spams from filter companies each day.
Before we try educating the consumer, lets try to educate the virus
companies.
ISPs refuse to cooperate on abuse reporting
and other anti-spam measures.
You might have more sympathy there if the 'leaders' of this group was
not responsible for keeping me out of those discussions.
However, you must determine who you care about. Any change will be
painful, especially here. Anything that is proposed,or
implemended will
affect some proportion of users somewhere. Do we care about
the majority
of the users who will gain benefit, or the minority who will
lose out?
That depends who the minority is. When the minority is a small
user base of geeks who want to use some arcane loophole in
legacy specs I don't much care. If it is a group like visually
impared folk who have a real issue that won't go away that is
a different matter.
If there is a major deployment constraint that is a show stopper
for a party that supports a large part of the industry that is
something we should listen to.
If the problem is some hobyist's code writen ten years ago and
has not been maintained since then that can go.
There is also an inherent presence of certain
preconceived notions such as "Company XXXX or organization
YYYY is evil".
You don't say?
My question to all of you is: how can we get something useful
going out
of all of these, instead of engaging in debates? Is there anything
useful that we can do as a group to solve the problem?
We could start by taking a serious look at SPF and write down a list of
what we think is right and what we think is wrong with it.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg