ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Email Postage (was Re: FeedBack loops)

2008-11-17 22:42:23
from [Barry Shein] [Permanent Link] 

On November 17, 2008 at 22:05 rsk(_at_)gsp(_dot_)org (Rich Kulawiec) wrote:

On Mon, Nov 17, 2008 at 06:39:19PM -0500, Barry Shein wrote:

Anyhow, WHAT'S THE HARM?

I mean what's your standard here, that there cannot exist a single
case in the universe where this information might be unreliable?


There's no real harm, but there's no real benefit either.  The same
people who have ignored warnings not to click on everything that's 
shiny will ignore this warning too.


I just don't know. If your email access gets cut off at 1,000 msgs/day
and you see you're at 971 and you only remember sending 4 and you got
cut off before for this and it was a virus....

Anyhow, we can't really even ponder limits w/o feedback to the end
user, but it's really just an implementation feature and out of our
purview. I suppose it wouldn't hurt to remind implementers that
compromised machines are hard to...whatever.


And spammers, well, spammers have long since demonstrated that they'll
innovate when something becomes sufficiently widely adopted to make it
worth their trouble.  So if this tactic was tried by only one ISP --
maybe not.  But if it was picked up a dozen major ones and included
in several significant MTAs or something like that, then it'd probably
be on their radar as worth dealing with.


Ok, we agree the problem is hard. That's why we're here, nicht wahr?

But as I said earlier, as one example, hard cryptography is hard to
crack, other than via social engineering perhaps.

And other mechanisms in the realm of spam and email abuse (e.g., DKIM)
rely on cryptographic methods for at least part of their effect.

So just positing that whatever it is spammers will get around it as a
given isn't adding much, and may not even be true.

But recognize that this is one reason I am interested in adding an
economic component. Spammers might be able hijack NSA's mail server,
but there's not a lot they can do when jack-booted SWAT members kick
in the door and yell "KISS DIRT OR KISS THIS!"

And it seems to me that economic incentives are more likely to lead to
the latter where (ahem) warranted.

-- 
        -Barry Shein

The World              | bzs(_at_)TheWorld(_dot_)com           | 
http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Login: Nationwide
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Email Postage (was Re: FeedBack loops), Seth
Next by Date:  Re: [Asrg] Email Postage (was Re: FeedBack loops), Barry Shein
Previous by Thread:  Re: [Asrg] Email Postage (was Re: FeedBack loops), Rich Kulawiec
Next by Thread:  Re: [Asrg] Email Postage (was Re: FeedBack loops), der Mouse
Indexes:  [Date] [Thread] [Top] [All Lists]