ietf-mxcomp

Re: Forging (was Re: Differences between CSV and Sender-ID )

2004-07-07 19:25:04

Alan,


AD>   Similarly, bandages solve a transient problem, but the *existence*
AD> of bandages is a permanent phenomenon.  No one would claim that
AD> bandages "do nothing to reduce injuries" because the problem solved by
AD> bandages is transient in nature.


Interesting analogy.  Let's explore it a bit.

Bandages do not promote healing; in fact they reduce it. Their
legitimate job is to keep dirt out. When I was growing up, they were
used immediately whenever you got cut. Current medical wisdom is to
use them judiciously.

But the real problem with the analogy is that it entirely misses the
nature of the email tool being built and the nature of what it is in
response to.

The biggest worry about 'the nature of what it is in response to' is
that it has us chasing symptoms rather than causes. Spammers have
proved to be astonishingly and quickly adaptable and our response
times are pathetically slow. This means we will always be chasing the
latest symptom, rather than going to any core characteristics of the
"disease".

From a standards-making point of view, the bandage image suggests
selective application in quick response to special situations.
Unfortunately, that's not the way global standards get used.


Global standards are not used individually and they are not used
selectively. They are for interoperable situations. The result means
that applying a bandage becomes a required part of everyone's contact
with anyone else, every time. That is neither selective nor
inexpensive.

And that's just for the current symptom.

And it has serious downside impact, if it constrains the transfer
paths of email.

All in all, this means that we are discussing major, strategic changes
to the email infrastructure, for minor, tactical, transient benefits.

I'd be interested in hearing of examples of useful global standards
that have had similar properties.


AD>   To put it yet another way, MARID can be thought of as a set of
AD> distributed DNSBL's.

Sorry, but CSV follows the BL construct, marid-core does not.


AD> Each domain operates its own DNSBL (or
AD> whitelist), which use a well-known format.

And each domain is supposed to maintain this list how, exactly?  Note
that the question is particularly relevant when spammers are quickly
obtaining and using new domains with clean records.


AD>   Peers on the net can look
AD> up information for a domain via DNS, and choose to apply the DNSBL
AD> information (or not).

"look up information for a domain via DNS"?  What whitelisting service
mechanism is specified in marid-core?


AD>   None of this is new to the net.  DNS already tells peers where to
AD> find information (e.g. MX's),

That's not what MX does.  MX is a routing record, not a query record.


d/
--
 Dave Crocker <mailto:dcrocker(_at_)brandenburg(_dot_)com>
 Brandenburg InternetWorking <http://www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>


