Request for opinions on whether to creating a working group or publish the
following idea as an internet draft?
Spam is big problem that is getting worse. BrightMail.com (which claims to
process 10% of world's email) claims that the percentage of spam out of all
email has grown from 16% in Jan. 2002 to 50% in Aug. 2003.
A fundamental unsolved problem of doing any thing about spam, is there is
currently no unambiguous definition of spam as an enforceable internet
standard. This has been architectually impossible to define because the
receiver is the subjective determinant of which bulk email is solicited and
which is spam (UBE).
ISPs, Hosts, legislators, judiciaries, and even anti-spam software, have a
fundamental problem in that definition of spam as UBE is currently
architectually unenforceble due the fact that subjective determination of
"unsolicited" current happens after the email has been delivered to the
receiver.
My idea is to create an internet draft, RFC, and hopefully internet standard,
that would define a simple architectual paradigm for legitimate bulk email that
unambiguously separates it from spam (UBE).
Simply define that legitimate bulk distribution of email should be done by
mechanism of each bulk distributor providing a public POP3 (and IMAP) account
or server, rather than sending the email directly.
In the case of a public distribution (e.g. most direct email and mailing
lists), a POP3 (and IMAP) account of user "anonymous" with password "none"
would suffice. In the case of private dissemination (private mailing lists), a
POP3 (and IMAP) server with individual accounts could be provided.
The elegance of this paradigm is that users then control the opt-in/opt-out
database, by configuring their email client to POP email from only the bulk POP
accounts they wish to subscribe to.
The effort to support this paradigm is minimal because it uses existing email
paradigm. Legitimate bulk senders have to change from a broadcast ("push")
metaphor (e.g. Majordomo) to a "pull" metaphor simply by depositing their
outgoing email in the public POP account they create. Receivers simply follow
instructions to POP bulk email they want, instead of the equally complex task
of subscribing to bulk email.
This accomplishes several goals:
1. Any bulk email is then spam (receiver has not opted in) and can be dealt
with by ISPs, Hosts, legislators, judiciaries, and anti-spam software.
2. Receivers now have uniform control over opt-in/opt-out policy without a
global authority
3. Legitimate bulk senders can be insured that they or their email won't be
misclassified as spam
4. Those who send UBE can no longer claim they are legitimate or that receiver
has opted-in (ambiguity removed) and can be dealt with by ISPs, Hosts,
legislators, judiciaries, and anti-spam software.
5. With a "pull" paradigm, the load (resource usage) on the public internet,
sender, and receiver is reduced, because I venture that a majority of bulk
email sent would not be pulled.
I think this paradigm would empower Hosts, ISPs, legislatures, and judiciaries
to do more about spam (incoming) and spammers (outgoing), because their hands
would not longer be bound by ambiquity. I realize that some vested interests,
such as direct emailers or those invested in push based mailing lists, might
resist. However, I think the benefits outweigh the limited costs to migrate.
Some direct emailers might resist because some may prefer being able to cloak
spam under the guise of "solicited". Legitimate bulk emailers stand to gain a
lot by separating themselves from the noise of UBE.
Shelby Moore
http://AntiViotic.com