[Top] [All Lists]

Re: [Asrg] Adding a spam button to MUAs

2010-01-29 11:24:01
Rich Kulawiec wrote:
On Thu, Jan 28, 2010 at 09:41:03AM -0800, Michael Thomas wrote:
The entire thing strikes me as rather elitist: like only Certified 
can determine for you what you don't want to receive.

Not quite.  But maybe so.

We don't (at least I sure *hope* we don't) permit users to determine which
packets will/won't be permitted into our networks.  We set those policies
to maximize security, because we recognize that malicious/dubious network
traffic is a threat.  So for example, we might have in place a mechanism
which begins to reject ssh connection attempts after a certain number of
failures.  There is no real difference between that and rejecting SMTP
traffic -- recognizing that spam is *also* a security threat -- other than
the application protocol involved.

This is a strawman argument: nobody's saying that users should be the sole decider of network badness. What you said however is that users should have NO INVOLVEMENT in deciding what network things they want/don't want. In this particular case, the "don't want" is the form of a button that users can express their displeasure that ultimately
effects some filtering goodness.

Users are not qualified to make decisions about (for example) SSH traffic
management in perimeter firewalls.  Nor are they qualified to make decisions
about about SMTP traffic management in mail servers.  That is why they
are users and not network/server managers.  (They probably get to make
some other decisions that network/server managers don't.  It works both
ways: each according to their expertise and responsibilities.)

This is NOT the same thing as determining for a user (to go back to your
remarks) what "[they] don't want to receive". That's a personal preference
and users are of course free to formulate/express it as they wish.

I don't think this is elitist, I think it's a matter of recognizing that
the spam/not-spam classification process requires expertise *vastly* in
excess of that possessed by almost all users.
The problem I have here is that your taxonomy has SPAM and HAM branching out very early from the tree of email, where only paelospamologists with the proper qualifications ought to be given any credence as to where they fit in the family tree. My position is that the entire idea of this taxonomy is silly, and the paleospam theory is not very helpful in the larger problem of "filter mail I don't want to see". The theory does lead to a full employment act for the paleospamologist priesthood though. Giving the laity any say is a threat, even though the laity is the only place you can possibly get the raw input for the filtering we want rather than
what is given to us on high.

The question should always be: "does user X want this mail?" rather than "this mail is spam/ham in absolute terms". The sooner we get beyond the paleospamogist priesthood, the sooner we get on with the actual job of building products for its users rather than the various other vested interests.



This is not their "fault"
per se because it's not a fault: it's simply a lack of area-specific
experience and knowledge.

Asrg mailing list

Asrg mailing list