Re: [Asrg] Re: Spam, why is it still a problem?
2006-01-17 16:46:48
In message <43CCC3B6(_dot_)40706(_at_)linuxbox(_dot_)org>, Gadi Evron <ge(_at_)linuxbox(_dot_)org>
writes
Why should I accept murder, rape? Or perhaps even just smallish-time stuff?
We should always strive for betterment, and I believe the guy asking
the question meant it in a non FUSSP fashion, i.e.:
How do we explain to the END USER why there is still spam?
I seem to have started the most active discussion this list has had in a
long time and I'm glad that the replies so far have been quite
constructive.
I'm not suggesting any FUSSP. However I am suggesting two things
1. That a lot more can be done with what we know
2. That if we accept the existing infrastructure is ultimately
inadequate then the plan to get us onto the next infrastructure needs to
be worked on, published, communicated and marketed in order to get wide
acceptance.
Some examples to back up 1.
This group looks defunct, the news site has had nothing for 2 years
http://asrg.sp.am/about/news.shtml
The best practice subgroup folded in 2003
http://asrg.sp.am/subgroups/bcp.shtml
Best practice is essential to ensure that we are clear about what we
want and don't want. e.g. no challenge-response.
Once the best practice is established, a review of current anti-spam
vendors could be undertaken and published and only those conforming to
best practice would be recommended. People would then have informed
choice and independent advice on tools on market, further encouraging
best practice amongst the other vendors. (analogy is the Consumers
Association publishing reviews of consumer products and rating them but
in the UK the market leading Dyson vacuum is consistently refused a
"best buy" recommendation because according to the CA it fails to meet
their minimum standard for reliability).
Can anyone here list for instance the top 10 tools by market share for
1. Businesses wishing a corporate in house solution
2. ISPs wishing an email hosting solution and
3. Individuals wanting a POP3/IMAP based solution
and of these which conform to the best practice (and I don't know what
this is as there isn't a current version here
http://asrg.sp.am/subgroups/bcp.shtml)
If we have to think about this, how does the rest of the Internet
community decide? I did find this, is there anything more concise or
relevant from a casual end user perspective?
http://mipassoc.org/spamops/draft-hutzler-spamops-05.txt
Having then promoted and encouraged best practice we can then enjoy more
benefit from the technologies we already have.
Moving on then to the next stage, if these technologies are still deemed
inadequate because of false positives or an unacceptable quantity of
spam (+ phishing + viruses and worms etc) arriving then a global
upgrade of email in some form needs to happen. Whilst I'm not denying
this is a difficult job I don't think it's quite as hard as people make
out. Especially for those people who find their legitimate email blocked
they could easily be persuaded to join in some form of sender reputation
based framework as there's something in it for them. e.g.
http://mipassoc.org/dkim/specs/draft-allman-dkim-ssp-01.txt
Crucially by having this funded and developed as open source, the
Internet community at large would be able to download it for free and
there could be a market for add-ons and commercial services on top of
it. Look at the success of 100 million downloads of Firefox in a year. A
public momentum which allows personal users to download their own
anti-spam next generation software independent of what their ISP chooses
to do would build its own movement in much the same way that the growth
of Firefox seems to have greatly reduced the number of websites saying
"Internet explorer only".
It would be useful to actually see a roadmap of where we imagine things
going in terms of the optimal solutions *this group* recommends and the
expected time-frame to implement them and the actual delivery mechanism
for these to ensure wide take up e.g. marketing strategy, platform
availability, and so on. Who if anyone is currently project managing
this effort and if such a person is needed would a task not be to fund
such a post? Is a mozilla.org equivalent for spam what's required here?
Craig
p.s. Please don't reply to me AND the list. Once is enough thanks.
--
Craig Cockburn ("coburn"). http://www.SiliconGlen.com/
Please sign the Spam Petition: http://www.siliconglen.com/spampetition/
Home to the first online guide to Scotland, founded 1994.
Scottish FAQ, weddings, website design, stop spam and more!
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [Asrg] Spam, why is it still a problem?, (continued)
- Re: [Asrg] Spam, why is it still a problem?, John Levine
- Re: [Asrg] Spam, why is it still a problem?, Craig Cockburn
- Re: [Asrg] Spam, why is it still a problem?, John Levine
- Re: [Asrg] Spam, why is it still a problem?, Craig Cockburn
- Re: [Asrg] Spam, why is it still a problem?, Bill Cole
- Re: [Asrg] Spam, why is it still a problem?, John Levine
[Asrg] Re: Spam, why is it still a problem?, Stephane Bortzmeyer
Re: [Asrg] Spam, why is it still a problem?, Danny Angus
|
|
|