ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Dan Bernstein's issues about namedroppers list operation

2003-01-17 08:24:04
from [Dean Anderson] [Permanent Link] 
The current issues with namedroppers administration have nothing to do
with SPAM, but rather have to do with draconian and un-audited controls
given to one person _on_behalf_of_SPAM_.  This was a unwise decision.
SPAM problems did not require that supreme, un-audited authority be given
one person.

A large part of "SPAM" is not a matter of marketing. It is a matter of
terrorism, where instead of violence, they conduct annoyance.  The persons
creating the vast bulk of the abuse are people trying to terrorize or
annoy people into banning spam.  Vixie said from the start that it was his
goal to make things worse. He has succeeded: More annoying it is.  These
people have no real commercial motivation--at least, not with respect to
the services described in the emails they send. They aren't trying to sell
anything by email. They are trying to sabotage the system of email, and
annoy people.  One might wonder who would only want to annoy people, and
for what purpose, since they are not trying to sell something.

No matter what kind of system you build, if there is any openness for
people, whatsoever, it will be vulnerable to abuse by people inclined to
conduct such abuse. There is no way to prevent that abuse. You can try to
delete the abuse, after it has occurred. You can implement moderation with
the incumbent delays, and other problems, which are necessary or
unnecessary consequences of moderation.  You can complain to the ISP's who
sold accounts to the abusers. Etc. These things are all activities
performed after the fact. Even the moderation staff still has to deal with
the abuse, if the entire list doesn't.

When someone is trying to annoy you, the correct response is not to be
annoyed, but to remain calm. Like terrorism, there is no solution to spam.
Whatever you do, beyond punishing those directly responsible, will only
make the matter worse.

                --Dean


On Thu, 16 Jan 2003, Hallam-Baker, Phillip wrote:


There is a proposal to start an IRTF research group on the topic of
SPAM. Perhaps one of the things that could be looked at is how mailing
lists could apply spam defenses and still maintain open-ness.

Many of the problems with spam are now the second order effects of
dropped messages that should have been forwarded.

By default SpamAssasin is configured to consult a blacklist that is
currently blocking all UUNET addresses because the maintainer does not
like something that a UUNET subscriber is publishing on their site. I
conclude that blacklists of that type will not last long as the Internet
starts to re-route arround the censorship damage.


That said, there is an old proverb in politics about what you should do
when you become the story. I think the issues that concern the group
members here are more than just the alleged filtering of Bernstein's
posts.


              Phill


-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Friday, January 10, 2003 8:00 PM
To: Thomas Narten
Cc: moore(_at_)cs(_dot_)utk(_dot_)edu; djb(_at_)cr(_dot_)yp(_dot_)to; 
ietf(_at_)ietf(_dot_)org; iesg(_at_)ietf(_dot_)org;
namedroppers(_at_)ops(_dot_)ietf(_dot_)org
Subject: Re: Dan Bernstein's issues about namedroppers list operation




Specifically, all mail sent to namedroppers is:

1) first run through spamassassin. Mail that is rejected here is not
   archived, as the number of such messages is large. All

mail sent to

   mailing lists on the server hosting namedroppers is run though
   spamassassin, so this is not a namedroppers-specific procedure.


SpamAssissin needs to be shot.  Most of its criteria are
really poorly chosen.
Even if its criteria are good at identifying spam on a large
scale (with few
false positives) that doesn't mean they will work well for a
narrowly-focused
discussion.  In my experience SpamAssassin has too high a
false positive rate
to be trusted without human review as a backup.

Keith

p.s. regarding messages that did not make it to the
namedroppers archive -
are the IETF archives still using to/cc message headers to
decide which
archive a message should be stored in?   if so, is it
possible that a message
which was sent to multiple lists might be archived in only
one of those lists?

--
to unsubscribe send a message to
namedroppers-request(_at_)ops(_dot_)ietf(_dot_)org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: email and spam, Jaap Akkerhuis
Next by Date:  Re: email and spam (was: Re: namedroppers, continued), Bob Braden
Previous by Thread:  RE: Dan Bernstein's issues about namedroppers list operation, Hallam-Baker, Phillip
Next by Thread:  A funny website, anthony
Indexes:  [Date] [Thread] [Top] [All Lists]