Chris Lewis wrote:
Rich Kulawiec wrote:
What I'm arguing (and I've argued this elsewhere) is that it's not
the role of end users to set anti-spam policy (in whole or in part)
any more than it's their role to set firewall policy. It's not their
job, and they're terrible at it.
I don't think many would argue against that.
I would, for one.
There is a number of documents about user rights, in categories
ranging from general human rights, through electronic treatment of
data, to email specifically. Many of them establish very reasonable
concepts, some of which are newer than the SMTP model. How are users
supposed to exercise their rights? When we target anti-spam issues,
I'd say users may exercise their rights by setting the options in the
anti-spam policy that are provided for that purpose.
Here's an example: I had a group of users who kept their email
addresses almost secret, but occasionally my server rejected some
legit messages sent to them via a blacklisted provider (before I could
whitelist it.) Thus, they wanted to skip DNSBL checks, and I made it
optional. What's wrong with that?
In general, the reliance of a reputation system is not an objective
datum. I'd invite ESPs to let users choose which authorities they wish
to trust. It is part of the anti-spam policy, which is different from
the firewall policy: _their_ mail, _my_ server.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg