Dean,
You wrote a very long message in response.
I had drafted a long reply, but then realized this whole
debate is getting far away from the purpose of this working
group which is to provide constructive review or
suggestions concerning the proposals on the table.
I will therefore limit my comments as follows:
* Go to http://www.arialsoftware.com to read the study.
Scroll to the bottom of the page.
(The study was of 1,057 companies and not 1,600 my mistake.)
* I can find no report issued in January, 2004 by the FTC
concerning compliance by bulk mailers as you suggest.
What I can find is the report made to Congress by Muris in
May, 2004 to the US Senate concerning implementation of the
CAN SPAM Act of 2003 and dealing with the spam problem:
http://www.ftc.gov/speeches/muris/040520spamemailtest.pdf
The only thing I can find of relevance is a footnote,
referencing a study dealing with falsity in spam, conducted
in April, 2003:
http://www.ftc.gov/reports/spam/030429spamreport.pdf
In essence, the survey found roughly 2/3rds of all spam had
some indicator of falsity.
According to the related footnote, as of April, 2003, the
FTC had 11.6 million pieces of spam as reported to it by
consumers in its database.
By May, 2004 this number had gone to over 100 million
pieces of spam as reported by consumers.
This suggests we do have a volume problem as it relates to
UBE.
The American Congress made a decision in December, 2003 to
enact a law which focuses on regulating commercial email.
Apart from giving consumers the right to opt-out, this law
does not control volume levels.
It delegates this task to internet access services. In
essence the Act gives these service providers two years to
deal with the problem.
(Why do I say this? Because the FTC has to report to
Congress in December, 2005 on what has happened.)
We can posit lots of theories as to why Congress acted the
way it did.
The FTC has formed the view that an opt-in law will not
control volumes. This underlines the remarks of the
Commission before the Senate in May, 2004.
See also the following:
http://inbox2004.blogspot.com/2004/06/can-spam.html
However, the situation unfolding in Australia would seem to
put paid to this suggestion.
http://www.aca.gov.au/aca_home/media_releases/media_enquiries/200
4/04-55.htm
- and -
http://www.spamhaus.org/news.lasso?article=154
But all this does not matter.
At present, the proposal is sender accountability, which
includes authentication, accreditation and reputation.
The MARID charter, based on the work done by the Anti Spam
Research Group is focused on the use of DNS to allow for
accountability between mail transfer agents.
The purpose of this WG is now to put forward constructive
proposals in reviewing the work done to date.
My own suggestion is simple. Any experimental proposal
which may have significant impact on the Internet
infrastructure should be reviewed by a panel of greybeards.
Since Sender ID and Submitter is an experimental proposal
with significant potential impact, this WG should ask a
panel of greybeards to review the work on an expedited
basis to facilitate the process.
On the underlying philosophical question, do, I think any
technical solution will solve email abuse. Nope. Never did.
Why? The Internet is a human creation and humanity ain't
perfect.
The best we can hope for through one or more technical
solutions is to bring the situation under control and to
keep the situation under control through effective law
enforcement, along with consumer education.
No different than dealing with abusive behaviour generally,
except in this instance the problem and solutions have
technical components.
John Glube
Toronto, Canada
The FTC Calls For Sender Authentication
http://www.learnsteps4profit.com/dne.html
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.729 / Virus Database: 484 - Release Date: 27/07/2004