----- Original Message -----
From: "Keld Jørn Simonsen" <keld(_at_)dkuug(_dot_)dk>
To: "Keld Jørn Simonsen" <keld(_at_)dkuug(_dot_)dk>
Cc: "Keith Moore" <moore(_at_)cs(_dot_)utk(_dot_)edu>;
Sent: Saturday, February 14, 2004 10:20 AM
Subject: Re: Best practices to avoid virus and spam
To me, the model is a bit like what the economists call game theory,
that if you sacrifice some of your own ressources initially, you can
actually get a better result overall for the society, and actually also
hmmmmm, interesting way of putting it. :-)
Exactly! By sacrificing some RCPT lookup time, your mail system as a whole
AKA "society" is improved. In your suggestion, you are putting all the
pressure point into one spot, which is doom to fail one way or another
because you took away the capabilities of the each different entity. By
spreading the "duties" of the entire process, you optimize the end results.
Yes, it seems your end results are different than most, certainly different
than mine. Even if the end-results are the same, how one get there is also
quite important. I would prefer a system written for efficiency and
throughput using compliancy as a basis. Why would I want to increase
transaction time to one that is 3-4 times larger than it needs to be?
Specially, when the end result is the better or the same.
Anyway, I am not quite sure what is being proposed here as it sounds more
like an implementation issue. I don't believe this will help the SMTP
process. Although, I am in full agreement that the SMTP process needs to
take a deeper look at user mail processing, a taboo in traditional designs.
In fact, I believe there is a current bill in Canada that enforces ISP to
have a "Spam/Virus Mail Filter" installed. That means to me, that from a
product standpoint, the market will want a "product" or "system of products"
that offers all the features they need to have. Today, it may be considered
"mal-practice" (or just plain stupid) to have a mail system that doesn't
offer any kind of SPAM/VIRUS filtering/protection.
Hector Santos, Santronics Software, Inc.