ietf
[Top] [All Lists]

RE: spam

2003-05-28 07:17:56
Now to add the mess of spam which we all are doing... NO SPAM.
PLEASE...  It has been a unsolvable problem so far... Just like
Lots of social problems we have e.g. poverty...

Regulation/Discipline rather than technology can solve this one 
as when the Punishment for spamming is bigger than the profit, 
we solve the Problem.  On technology front, all we can do is 
make spamming difficult or filter the spam content better
e.g check for spam on mail servers on transmit, forwarding, 
redirection, receive.  Client level filters would not work.  These
all fall in the area of regulating general purpose Internet content
regulation.  Spam is just misuse of this content.  There are so many
other Internet scams we have.

In short, this should belong in some general purpose Internet Security
Forum discussions.

--
Atul

P.S: These are my personal opinions.

-----Original Message-----
From: Anthony Atkielski [mailto:anthony(_at_)atkielski(_dot_)com] 
Sent: Tuesday, May 27, 2003 1:23 PM
To: IETF Discussion
Subject: Re: spam

Paul writes:

... the problem isn't deterring spammers or even
preventing abuse, but rather designing a new
interpersonal batch communications system (ibcs?)
which allows a receiving party to accept or reject
inbound traffic with some kind of confidence in
the identity of the sender, the intent of the relay or
proxy, and the value (to the sender) of the reception.

Designing one is easy.  Getting a billion people around the world to all
implement the system, once designed, is very, very hard.

Additionally, nobody would be willing to accept a single design.  Someone
would claim patent infringement.  Different companies would want to turn it
into a money-making adventure, which would instantly make it unworkable for
most of the world.  Other companies would change the design slightly and
then try to force their own versions as the "true" standard, in order to
make commercial profits.  It would take forever to do.

Whatever the technical solution might be, I think it would have to be
something that requires only action at the receiving end, not the sending
end.  If you require action at both ends, you lock out 95% of the world's
Internet users at the push of a button.  It's like coming up with a solution
that requires everyone to upgrade to a new version of Windows with a certain
service pack.  It's not going to happen.

As always, be conservative in what you expect, and liberal in what you
accept.

my own ideas have to do with trustbrokers ...

Trusted third parties are tempting, but that notion opens a tremendous can
of worms.  Personally, there isn't anyone I'd trust as a certification
authority even for strangers.  A PGP model is more tempting, but it would
require more sophistication on the part of users than can reasonably be
expected for 99% of the world's Internet citizens.  Indeed, any trustbroker
plan has this same problem.

Even if the certification is limited to mailers, you still have the above
problem, only with slightly reduced magnitude.

we (the e-mail producing/consuming community) have
the technology ...

We can rebuild it.  We can make it better.

Nah.  The Internet acquires more inertia with each passing day.  And the
more inertia it develops, the harder it is to implement any active technical
change (i.e., any change that requires actual modification of multiple
systems around the world).  Kind of like moving everyone to IPv6.

what we lack, dear ietf, is simply: leadership.

No, we lack a genius who can come up with something that will work without
requiring a change on one billion computers around the world.  Preferably a
genius who won't file a patent on it, too.






<Prev in Thread] Current Thread [Next in Thread>