|
Re: IESG Statement on Spam Control on IETF Mailing Lists
2008-04-15 08:10:50
I'm not sure I agree. I do agree with Henrik's comments to the
extent that I think we need to be clear. Obviously there's some
ambiguity and we should clear that up.
My interpretation of the two statements is that they are
complementary, not conflicting. I would say that the third bullet
is a response to the first bullet "running amok". In other words,
if you're going to have SPAM control, you have to deal with the
problem of false negatives. It seems to me that all the third
bullet is trying to say is that when individuals find themselves
subject to a "denial-of-service" because of a false negative report
from the SPAM control, there has to be a way for them to get
through.
I don't know if that's what was intended. If it was then that
needs to be made clear. This could be helped by explicitly
suggesting a way around, which is to forward the message to a
Chair, list moderator (easily visible on the Mailman listinfo page
for the list), Area Director, or perhaps even to the Secretariat
for forwarding to one of these people if the person is having
trouble even getting to them.
If that's not what was intended then I agree completely with Henrik.
Jim
-- On Tuesday, April 15, 2008 9:00 AM +1200 Brian E Carpenter
<brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote regarding Re: IESG
Statement on
Spam Control on IETF Mailing Lists --
+1 to Henrik's comments. I don't think the two MUSTs
that he comments on are algorithmically possible.
Brian
On 2008-04-15 08:25, Henrik Levkowetz wrote:
Hi,
On 2008-04-14 17:39 IESG Secretary said the following:
The following principles apply to spam control on IETF mailing
lists:
* IETF mailing lists MUST provide spam control.
* Such spam control SHOULD track accepted practices used on
the Internet. * IETF mailing lists MUST provide a mechanism
for legitimate technical participants to bypass moderation,
challenge-response, or other techniques that would interfere
with a prompt technical debate on the mailing list without
requiring such participants to receive list traffic.
Umm -- I think I understand what this *intends* to say, but I'm
not sure.
What I'm reading it as actually saying, though, is that a
poster who thinks he is a legitimate technical participant is
to be provided means of *bypassing* moderation.
A means of bypassing challenge-response could be to send a mail
to one of the list admins to forward to the list, but since
moderation is (at least normally) provided by the list admins,
and essentially any human who receives a message and is asked
to forward it to the list will have to judge whether the
message is relevant and appropriate, which constitutes
moderation as I understand it, the statement above seems to
imply that there has to be some way, untouched by a human
making any kind of evaluation, to force a message to be posted
to a list???
It would be rather helpful for an explanation or rationale to
be provided for a statement such as the above, which to me
reads as a very categorical statement that no kind of
challenge-response, moderation, or other reasonable guard
against spam can be put in place without extraordinary efforts
at providing means to *force* a circumvention of the same.
I'm pretty sure that the third bullet above isn't intended to
almost completely nullify the first bullet, but I'm actually
not sure how to set up anything but painstaking manual
inspection of every spam in order to adhere to the third bullet
as written. None of the mechanisms currently available,
including TMDA, spam-assassin, and blocking of posts from
non-subscribers followed by manual inspection seems to fulfil
this as I read it, which leaves me at a loss.
* IETF mailing lists MUST provide a mechanism for legitimate
technical participants to determine if an attempt to post was
dropped as apparent spam.
Again, an umm... I'm not sure I'm aware of an available
technical solution which out-of-the-box will ensure this is
followed, without at the same time resulting in a deluge of
back-scatter. If there was a SHOULD here, I could imagine
working over a bit of time at setting up Mailman to
drop-and-archive, but currently the solution which comes to
mind is to reject, which (I believe) potentially will result in
backscatter and more work and/or junk for the list admin.
Overall, I'm slightly surprised at how categorical several of
the statements above are, without providing rationale and
background information which would have made it possible to
fully understand them. It seems as if they are presented as
decrees from on-high which have to be followed even if they
aren't understood to be sensible or implementable...
* The Internet draft editor, RFC editor, IESG secretary, IETF
chair and IANA MUST be able to post to IETF mailing lists. The
relevant identity information for these roles will be added to
any white-list mechanism used by an IETF mailing list.
* There MUST be a mechanism to complain that a message was
inappropriately blocked.
The realization of these principles is expected to change over
time. List moderators, working group chairs and area directors
are expected to interpret these principles reasonably and
within the context of IETF policy and philosophy.
This supercedes a previous IESG statement on this topic:
http://www.ietf.org/IESG/STATEMENTS/mail-submit-policy.txt
That statement contains justification and implementation
advice that may be helpful to anyone applying these principles.
A separate IESG statement applies to moderation of IETF
mailing lists:
http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt
Henrik
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
|
|