On Tue, 10 Feb 2004, Dean Anderson wrote:
There is no scheme in which the rules can't be broken by someone intent on
breaking them. The only path is to detect them, and prosecute them. In
the case of spam, detection is easy, but not automatic. Prosecution is
now possible. Its still a whack-a-mole game. It won't end unless you can
Hear, hear. Beautifully said (and I'll have to remember the
whack-a-mole metaphor;-). There are also lovely biological metaphors --
how long has it taken spamsters to develop "stealth spam" that sneaks
past the rulesets of many filters, often by exploiting very specific
features of those filters such as word count mechanisms? Viruses (close
kin to spam) are constantly reengineered with better and badder social
engineering, with variable signatures. Just like real viruses and
pond-scum bacteria, they are changed to be successful in the environment
they operate in as that environment changes to try to eliminate them.
And don't forget, a fraction (possibly large) of spam originates
overseas in countries where they laugh hysterically at the concept of
regulation and prosecution will effectively never work.
So even discussing adding a silly thing like mandatory esigs and
encryption as an antispam measure is a waste of time, except possibly on
a local basis. If I set up a small mailing list (or generalized group
of individuals) and all of its members agree to do this, there is little
"evolutionary pressure" for spammers to detect and foil our scheme and
we will be "immune" (at the cost of a fair amount of extra work). If
everybody does it and the automated tools for doing it without so much
work are widely disbursed, they will develop countermeasures in no time
at all and we'll lose our immunity.
It also isn't clear that this is an IETF issue (although I'm fairly new
on the list and could be mistaken:-). Trying to establish a new mail
standard such that all mail is encrypted in transit -- that seems like a
reasonable issue, spammers or not. Trying to use its influence to
communicate to e.g. AV companies that bouncing messages to the apparent
source of a virus has long since become counterproductive, that also
seems like a reasonable issue -- both are technical/engineering issues
that affect the quality of service of the internet itself.
The spam problem, like the phone problem, seems more likely to be
resolved by strong legislation and vigorous prosecution. It is less a
technical problem than a social one and an economic one.
rgb
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525
email:rgb(_at_)phy(_dot_)duke(_dot_)edu