Re: [Asrg] Spam, why is it still a problem?2006-01-16 06:49:40Hi Craig You say.. Or more to the point why are we letting it still be a problem? <snip/> why is it that there is so little visible progress on this list and generally regards implementing a solution that actually works and which can be easily accessed by the average Internet user? From a "pure" point of view, it is clear that unwanted email never even entered the equation when the requirements for email were first drawn up by those pioneering boffins. They tacitly assumed that everyone who used email would be like them and not even consider doing anything other than to play nice together. In much the same way localisation, identity and security have until recent times never been more than an afterthought to most ICT. The Y2K issue highlights well how implicit assumptions can become invalid and wreak havoc in your systems design. Sadly, and all of us here know it, the real answer to spam requires us to re-analyse the requirements for electronic messaging and consider processes for authenticating identity and for handling unwanted mail and malicious content. We could probably knock together a modern interoperability specification which would accomodate these, and many other, factors but what use would it be? We would then have to convince every user of mail to upgrade their software, and if we manage that what cost would it have? We're left being asked instead to look for the philosophers stone which will take an alamingly open and trusting interoperability mechanism, one of the most widely implemented specifications of them all, and retro fit some paranoia to it in a way which will involve no interruption to service and no cost to users or systems owners. This is in large part confused by the fact that people with different roles have both different definitions of "spam" and different requirements for their perfect solution to implement. You can't have everything, what we're left right now with are: 1/ a small number of extremely well thought out and intelligent proposals which are being suffocated by attempts to assert some form of commercial control over them and a lack of cooperation. E.G. Senderid, SPF, DomainKeys, etc 2/ a large number of less well thought out proposals which tend to recycle discredited concepts in new guises. One thing that any sucessful solution must do is, by using it, to reduce the cost of handling mail, not increase it. If you want to invent a solution which will appeal to the people who pay for the operation of mail transport it has to do the following (reproduced from my blog): "I/ In any messaging system any components involved with identifying and removing unwanted messages should, when operating sucessully, create conditions in which no other parts of the system (particulalrly parts operated by other people) experience an increase in resource consumption as a direct consequence, and should tend to reduce consumption in some components as a consequence of removing unwanted messages." "II/ Any components identifying and removing unwanted messages from the system should reduce their resource consumption as the number of unwanted messages they are challenged with reduces" "III/ Resource requirements for components identifying and removing unwanted messages from the system should be designed to be predictable and based upon measureable attributes of the traffic." 3/ a few very effective filtering products, (e.g. spamassassin) and a load of less effective ones (some appalingly so) . Furthermore Spam is not just an ICT problem it is a social problem. The legislators and law enforcement agencies are achieving only limited small scale sucess. If you want spam to stop dead you only need to replace SMTP as the mail transport protocol of choice for everyone everywhere at once. So you can see that your wish "actually works and which can be easily accessed by the average Internet user" starts to look a bit naieve, because not only is there not an "average internet user" but this problem is very like those promises we used to hear about limitless free electricity they are usually confounded by engineering details not the Big Theory, and human nature which sees little incentive in spending your money to benefit me. d. *************************************************************************** The information in this e-mail is confidential and for use by the addressee(s) only. If you are not the intended recipient (or responsible for delivery of the message to the intended recipient) please notify us immediately on 0141 306 2050 and delete the message from your computer. You may not copy or forward it or use or disclose its contents to any other person. As Internet communications are capable of data corruption Student Loans Company Limited does not accept any responsibility for changes made to this message after it was sent. For this reason it may be inappropriate to rely on advice or opinions contained in an e-mail without obtaining written confirmation of it. Neither Student Loans Company Limited or the sender accepts any liability or responsibility for viruses as it is your responsibility to scan attachments (if any). Opinions and views expressed in this e-mail are those of the sender and may not reflect the opinions and views of The Student Loans Company Limi! ted. This footnote also confirms that this email message has been swept for the presence of computer viruses. ************************************************************************** _______________________________________________ Asrg mailing list Asrg(_at_)ietf(_dot_)org https://www1.ietf.org/mailman/listinfo/asrg
|
|