Dear IESG,
IESG Secretary wrote:
The following principles apply to spam control on IETF mailing lists:
* IETF mailing lists MUST provide spam control.
* Such spam control SHOULD track accepted practices used on the Internet.
These two bullets are well-intentioned, but have no clear meaning. Simply put,
there is no way of knowing whether conformance has been achieved.
For example, there are many different sets of "accepted practice" for
anti-abuse
email mechanisms, and what is particularly vexing is that what is deemed
desirable by one constituency often is deemed as deplorable by another.
* IETF mailing lists MUST provide a mechanism for legitimate technical
participants to bypass moderation, challenge-response, or other techniques
that would interfere with a prompt technical debate on the mailing list
without requiring such participants to receive list traffic.
Here, again, is something that is not a technical specification and had no
clear
criterion to permit telling when it is satisfied.
In fact, I'm not sure this bullet even has an appropriate goal. (On
reflection,
I'm not entirely sure what the precise goal is.)
If the intent is to say that mailing lists shall not operate in a moderated
mode, whereby all postings are subject to prior approval by the list
administrator, then that's probably what you need to say. But the language,
here, seems to say that if such controls are in place, any participant can
bypass them. In which case, why have the control?
* IETF mailing lists MUST provide a mechanism for legitimate technical
participants to determine if an attempt to post was dropped as apparent
spam.
This is actually contrary to the way most list software seems to work. When
dropping is done, it is done silently, in order to eliminate that considerable
overhead that comes with large-volume spamming.
If the IESG has something specific in mind, then it should document how to
achieve it for a number of the major mailing list packages.
* The Internet draft editor, RFC editor, IESG secretary, IETF chair and
IANA MUST be able to post to IETF mailing lists. The relevant identity
information for these roles will be added to any white-list mechanism used
by an IETF mailing list.
Oops. This is quite a good idea and I am quite sure that only one or two of
the
ones that need whitelisting are entered in the lists I administer.
But that really leads to the question of where the list of addresses to enter
is
maintained? Given a standard list, then yes, it makes sense to have list
admins
pre-load them.
* There MUST be a mechanism to complain that a message was inappropriately
blocked.
The realization of these principles is expected to change over time.
List moderators, working group chairs and area directors are expected to
interpret these principles reasonably and within the context of IETF
policy and philosophy.
This supercedes a previous IESG statement on this topic:
http://www.ietf.org/IESG/STATEMENTS/mail-submit-policy.txt
That statement contains justification and implementation advice that may
be helpful to anyone applying these principles.
Actually, it really is essential that you add that advice, because I don't see
it in the current draft.
A separate IESG statement applies to moderation of IETF mailing lists:
http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt
So here is the process question:
The IESG document has shoulds and musts. That means the intent is to be
normative.
Is the IESG in charge of making rules for the conduct of IETF working group
mailing lists?
I thought such rules were the result of an IETF consensus process. When
did
that change?
Please clarify.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf