ietf-asrg

Re: [Asrg] Spam Salt, an email sender authentication mechanism

2010-09-29 07:59:30
I'm gonna go with Dave on this one, particularly including:

On Tue, Sep 28, 2010 at 10:13:40AM -0700, Dave CROCKER wrote:
> ps.  Over the course of my career and especially in the early years,
> I've been that wayward -- ie, arrogant and ignorant -- child many
> times and while being scolded stung, it was deserved.

which has happened to me as well.  I would rather have my
mistakes pointed out -- even if they're embarrassing, and even
if the means of doing so pisses me off -- than remain wrong.
I'll get over it, move on, and hopefully progress to making
better mistakes.

Now as to der Mouse's tone: I found it quite restrained.  Let's
keep in mind here that our mutual enemies are spammers, who rank among
the most vile filth on the planet.  A little sporadic flak on a
mailing list is *nothing* compared to what they dish out on a
routine basis.  So I would suggest that anyone who can't handle
that with ease may wish to reconsider their decision to get
involved in this fight.  (der Mouse and I, on our worst possible
days, and working in tandem, couldn't even come close to the
level of vicious abuse that spammers manage before breakfast.)


Now on to the substance (more or less, of the latest two proposals to show
up here, one of which is discussed in this thread).  I think any anti-spam
scheme which relies on end users is dead on arrival.  Users are stupid,
users are lazy, users are careless, users have spent the last several
decades conclusively proving that they cannot tell spam from non-spam,
phish from non-phish, scam from non-scam.  Moreover, the single most
deleterious impact of spam is consumption of end-user time, so even
if everything in the previous sentence weren't true, and the teeming
masses of users were intelligent, diligent human classification engines,
enlisting them to perform that task will chew up the very same precious
resource that spam does: their time.

In general, any proposed anti-spam scheme must account for a number
of unfortunate realities; offhand, I'd list (and I'm well aware that
this is woefully incomplete):

        - users are wholly unreliable
        - horrible mail clients exist
        - users will use those horrible mail clients no matter what
        - nobody will change their SMTP, DNS or HTTP server software
        - thus fundamental changes to those protocols won't fly
        - spammers have an (essentially) inexhaustible supply of domains
        - spammers have an (essentially) inexhaustible supply of IP addresses
        - spammers have an (essentially) inexhaustible supply of zombies
        - spammers have an (essentially) inexhaustible supply of email addresses
        - no trustable central authority exists or will exist
        - no meaningful legal action by anyone, anywhere, is possible
        - spammers will not just sit still and watch
        - spammers will very likely try to co-opt any mechanism
        - spammers are not all as stupid as we'd like to think

(And yes, I should probably buck up and edit this into the wiki.)

---rsk

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg