Re: Principles of Spam-abatement
2004-03-13 21:39:18
Vernon Schryver wrote:
From: Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com>
Since the IETF is a standards organization, can both you and vsj tell us
in your opinion, if there is anything the IETF should or should not be
doing in the spam arena (changing existing standards, making new
standards, etc.)?
I have the lucky or unlucky task of being one of the two chairs of the
ASRG (together with John Levine). We also tried to reduce many of the
problems the original ASRG had including the large signal/noise ration,
etc. All of this got me thinking about the larger question of what the
IETF should be doing about fighting spam, which is why I am asking the
question here.
draft-crocker-spam-techconsider-02.txt listed some opportunities for
IETF documents. I vaguely recall they included:
- codifying common sense for blacklist operators
I thought ASRG time working on such a BCP, but it seems to have
gone underground.
The two folks working on that ran out of free cycles and stopped their
work. Nobody else has been willing to pick up the slack and none of the
blacklist operators that I have spoken to were interested either
(perhaps I just don't know enough of them). There was also talk about
documenting the existing lookup protocol for blacklists as an
informational RFC, and perhaps work on extensions to this protocol. The
BCP work in the ASRG has migrated to a closed subgroup but hasn't seen
enough interested parties willing to actually do some work.
- improved forms and formats for DSNs.
- improved mechanisms, forms, and formats for logging mail rejections.
- mechanisms for sharing white- and blacklists among MX servers
for a domain.
Some of the other things that have been proposed outside the draft are
standards for abuse reporting, BCPs for handling hijacked machines and
blocking port 25/allowing SUBMIT, standards for exchanging filtering
information and decisions between MUAs and MTAs, standards for creating
a "web of reputation" for MTAs, etc.
It is interesting to note that many of these efforts are solely focused
on areas where standards can make some difference as opposed to seeking
the "silver bullet" for solving the spam problem.
That the spam problem involves TCP/IP does not necessarily imply that
the IETF has a major role in dealing with the problem, any more than
the fact that guns contain metal implies that the American Society for
Testing and Materials (ASTM) has a major role in the search for world
peace. Regardless of the ambitions of individuals to "make a difference"
or become famous, the IETF should strive first and foremost to do no
harm outside its charter in primarily non-technical arenas such as the
fight against spam.
It is interesting to note that the current version of the IETF mission
statement states something similar along these lines
(http://www.ietf.org/u/ietfchair/ietf-mission.html):
"It is important that this is "For the Internet," and does not include
everything that happens to use IP. IP is being used in a myriad of
real-world applications, such as controlling street lights, but the IETF
does not standardize those applications."
The problem is that many parties see the IETF as the caretaker for email
standards and accuse these standards as one of the root problems for
causing spam. Obviously the problem has way too many aspects to be
purely technical and has not real technical solution (FUSSP or "silver
bullet"). Another aspect of that is that many of the technical solutions
to some aspects of the problem such as filters are not even relevant to
the IETF's goal as a standards organization except where standardization
is needed (Sieve for example). Yet the media and some of the industry
players have accused the IETF of foot dragging and not addressing the
problem, when this is clearly out of scope for the IETF.
This discussion got me thinking about the need to state clearly that the
IETF's goal is not to solve the spam problem. I begun writing a draft on
this
(http://www.shaftek.org/asrg/draft-irtf-asrg-ietf-role-in-fighting-spam-00.txt).
Yakov
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: Principles of Spam-abatement, (continued)
- Re: Principles of Spam-abatement, John Stracke
- Re: Principles of Spam-abatement, Vernon Schryver
- Re: Principles of Spam-abatement, Nathaniel Borenstein
- Re: Principles of Spam-abatement, Vernon Schryver
- Re: Principles of Spam-abatement, Nathaniel Borenstein
- Re: Principles of Spam-abatement, Vernon Schryver
- Re: Principles of Spam-abatement, Paul Vixie
- Re: Principles of Spam-abatement, Yakov Shafranovich
- Re: Principles of Spam-abatement, Vernon Schryver
- Re: Principles of Spam-abatement, Dave Crocker
- Re: Principles of Spam-abatement,
Yakov Shafranovich <=
- move to second stage, Re: Principles of Spam-abatement, Ed Gerck
- Re: move to second stage, Re: Principles of Spam-abatement, Einar Stefferud
- Re: move to second stage, Re: Principles of Spam-abatement, Yakov Shafranovich
- Re: move to second stage, Re: Principles of Spam-abatement, Yakov Shafranovich
- Re: move to second stage, Re: Principles of Spam-abatement, Ed Gerck
- Re: move to second stage, Re: Principles of Spam-abatement, Yakov Shafranovich
- Re: move to second stage, Re: Principles of Spam-abatement, Ed Gerck
- Re: move to second stage, Re: Principles of Spam-abatement, Yakov Shafranovich
- Re: move to second stage, Re: Principles of Spam-abatement, Ed Gerck
- Re: move to second stage, Re: Principles of Spam-abatement, Eric A. Hall
|
|
|