Alessandro Vesely wrote:
Well, having to collect agreements for data processing from each subject
is one of the most annoying applications of EU privacy directives. It is
as when one says: "May I ask you XYZ?" And the other one replies: "Yes,
you already did!" For email, it is possible to avoid that _that kind_ of
consent requests become entries in the recipient's INBOX. One way to do
so, considering multi-destination delivery a kind of forwarding (see
sec. 3.9 of rfc5321), is being tentatively described at
http://fixforwarding.org/.
Maybe I don't understand. If you manage to setup and agreement, then you
have an existing relationship with the sender/forwarder, and this solves
most of the problems, it's just a matter on how to "authenticate". If
you don't, then everything will start with the sender/forwarder
contacting you for permission, and you acting as a consequence. While
this may be annoying for the sender, it is a way the receiver can have
some control on incoming messages. Also, this forces the sender in being
"convincing" in its request, instead of just being aggressive with
advertising. The fact is, these procedures are usually discussed from
the perspective of companies that must ask for permission (to contact
unknown people with their commercial proposals), and not from the
perspective of citizens that can deny this permission. But the goal of
the directive is to protect the citizens from aggressive commercial
practices; while providing a mean to contact people anyway is also a
goal, it is a much less critical one.
But the problem is, spammers won't be that polite, not even in Europe
with our EU Directive :) So you will need to find a way to enforce
compliance with this requirement for your address, that is, a way for
the MTA to know who you authorized...
It may be enough to provide a convenient way to do it, without enforcing
it with blocking policies.
The main problem I see with this framework, is that it seems to require
the cooperation of every step between sender and receiver, and the
intermediate steps taking some responsibility for what they are
forwarding. Is it because of this that there was some discussion about
smtp still being store and forward? However, I still prefer a more
end-to-end approach.
While it seems self-evident that spammers are exempted from complying
with anti-abuse message sender common practices, many careful senders
may be classified as spammers according to the MRDW acceptation of the
term spam. "Spammers" of the latter kind are sensible to reputation
concepts and make a good faith effort to comply with common practices,
because they reason that going along with prospects' desires is more
remunerative than loosing their own reputation on questionable deeds.
Well, my feeling is that good faith spammers are mostly unaware of good
practices, the same way they are unaware of laws. Also, while some
technical people may be willing to deal with good practices, marketing
people may just count the complaints/sales ratio. And they usually rule ;)
--
Claudio Telmon
claudio(_at_)telmon(_dot_)org
http://www.telmon.org
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg