ietf-asrg
[Top] [All Lists]

Re: [Asrg] A paper/project worth considering (found it!)

2008-12-16 09:38:00
John Johnson wrote:
Alessandro Vesely wrote:
In general, the reliance of a reputation system is not an
objective datum. I'd invite ESPs to let users choose which
authorities they wish to trust. It is part of the anti-spam
policy, which is different from the firewall policy: _their_
mail, _my_ server.
Are you delivering 100% of the email destined for them?  Or are you
 treating the e-mail as  __my_network_asset__ before delivery?

I just deliver mail to recipients. Well, after A-V filtering. Ah, I also grab postmaster@, abuse@ and similar addresses.

Other than RBL's, what other choices do you allow your users to
tune?

I never meant to give them the root password, if that's what Chris means by "allow them to diddle the server-level knobs directly".

What I wanted to say is that we would get better responses from users if we were able to put better questions. Bayesian filters are so ambiguous that we should be ashamed of proposing them: why would people ever use artificial or natural intelligence if some much simpler statistical data sufficed? And I don't mention TIS buttons, as their ambiguity has been pointed out recently. Doesn't everybody agree that we only use such tools because we have nothing better at hands?

Where does being responsive to your users end, and protecting your network begin?

Hm... I don't work in a large corporate network, so that's possibly where I misunderstand what someone else may mean by "policy". AFAICS, being responsive and protective are not conflicting tasks. Hence, a well planned anti-spam policy should provide for clear-cut user level options, if at all possible. Whether setting those options is or is not part of a system's anti-spam policy, is a terminological question. (And the answer is?)

In particular, reputation systems deserve being at the user level. This is rather an observation than an appeal: governments or similar authorities in charge of patrolling the territory might have endorsed some DNSBLs, say, as part of their job. However, that didn't happen, and reputation, as the Credence paper that started this thread holds, looks likely to remain based on users' judgment.

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg

<Prev in Thread] Current Thread [Next in Thread>