mail-ng
[Top] [All Lists]

Re: Why are we here? What are our goals?

2004-01-30 02:42:38

This might be a nit, but...

The Received Headers in SMTP are bottom up, not top  down. 

The rule is to add new RECEIVED: headers at the top as the mail proceeds
from posting to relaying to delivery.


At 4:53 +0000 1/30/04, James Craig Burley wrote:

[SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]...

But you can reject anonymous email *now*, by basically going through
the following steps for an incoming email via SMTP:

 1.  Do I trust the injecting host/IP to properly form the
     topmost "Received:" header?

     If no, reject the email.

 2.  Is that host/IP representing the email as originating on a
     system under its control?

     If yes, go to step 6.

 3.  Examine the next "Received:" header, starting with the topmost
     one.

 4.  Treat the host/IP in that header as the "injecting host/IP"
     for the purposes of this subroutine.

 5.  Go to step 1.

 6.  Do I trust the injecting host/IP to correctly designate and
     track users who submit email?

     If no, reject the email.

 7.  Does the injecting host/IP promise that the user submitting
     this email is not anonymous, and do I trust that promise?

     If no, reject the email.

 8.  Accept the email.


[SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]... [SNIP]...


Next, I note that you use the word TRUST in Item #1. 

Do you have a definition of what you mean by TRUST. 

It is my perception that once upon a time, prior to 1994 when the NSF 
Appropriate  Use Rules were discontinued, users who violated the rules 
could be denied access privileges, which which visceral threat caused all 
users to fear being found wanting in the behavior department.  This caused 
users to behave in TRUST worthy ways and "The Net" was much more idyllic like 
Camelot than it has been ever since 1994.  Spam was unknown, and people 
generally behaved very well indeed.

The first SPAM was sent in the late 1970's by an ill trained secretary at 
DEC who typed in all the EMail addresses of West Coast Mailboxes and sent them 
an invite to an announcement for showing of the brand new DEC 2020 computers 
in San Francisco.  These DEC Folk were not aware that all the ARPA EMAIL users 
of the ARPANET had their mailboxes at SRI in Menlo Park, CA!  ARPA was 
demonstrating to itself that this arrangement would work;-)...

They all got a copy of the Invite!-)...  
And the DEC CEO got a phone call from ARPA! 

The DEC CEO took umbrage at being chastised, and there after objected to DEC 
doing much of anything from the ARPANET;-)... 

This episode left a big mark on the entitled ARPANET and NSFnet USERS that 
lasted until 1994, when the Appropriate Use Policy (AUP) was dropped and 
trust began to dissolve.  Anyone could then get on the Internet and no one 
would force them to get off no matter what they did (or do).

Trust has continued to dissolve since then, to the point we are at now, where 
it is very hard to really "TRUST" anything or anyone on the net.  Spam did not 
reappear in any significant way until after 1994.  For example, I will bet 
that very few of you will trust me or what I am saying here. 

So, now we want to get our TRUST back, but we do not want it to be instilled 
or induced by anything like the ARPA or NSFnet AUP (Appropriate Use Policy). 

So, one of the most critical problem for mail in the context of this list, 
is to restore trust to our beloved EMail systems.  

Now then, the next step is to figure out what trust is;-)...  

Pretty much, everyone knows it when they see it, but nobody has a definition 
for it! 

My personal suspicion is that basic trust is derived from the Genome!  And 
everyone grows up from birth with this inherent sense of trust, and it is so 
subtle that we take our innate sense of trust for granted without knowing how 
to define it. Even worms deal with trust when they sense danger in chemicals 
in the ground they are traversing.  Lambs avoid Lions, cats avoid dogs, and 
everyone laughs at the Used Car Salesman when he says "TRUST ME".  

Indeed, there is a gross story that "Trust Me" means "F*** You!" in Yiddish.  

So, it seems clear that we inherently know trust when we see it, but like the 
word "Information" we did not have a useful technical definition for it until 
Claude Shannon invented the bit, and defined it as being information if, when 
you received it, you had not expected it.  And he used his "definition" as the 
foundation of his Mathematical edifice of Information Theory at Bell Labs, 
and they applied it to he design of the Bell Telephone System!  

Or maybe it is more like the definition of PORN stated by a US Supreme 
Court Justice that he Knows what PORN is when he sees it, but he could 
not define it.

So, my prediction is that nothing is going to come out of this discussion to 
deal with TRUST until after we find a definition for it to use as a foundation 
of Trust Theory.

So, I leave you here to think about this supposedly simple problem;-)...

And I predict that we are not going anywhere with rethinking EMail until we 
know what TRUST is un clear mathematical terms the can deal with issues of 
trust among people, and among computers and between people and computers. 

Cheers;-)...\Stef

PS:  Just for kicks, I put "Define: Trust"  in Google to see what it could 
find. 

This one is typical:  "the trait of trusting; of believing in the honesty and 
reliability of others; "the experience destroyed his trust and personal 
dignity"  
<www.cogsci.princeton.edu/cgi-bin/webwn> " 

Here it depends on intuitive fore knowledge of what trusting feels like.

Then I put Define information in Google and this was the 5th item found.

(communication theory) a numerical measure of the uncertainty of an outcome; 
"the signal contained thousands of bits of information"  
<www.cogsci.princeton.edu/cgi-bin/webwn> 

For more such stuff, I suggest (if you are truly interested) you dig around in 
the pile of stuff Google can dig up on the definitions of these two words.

And then I put "Define: Porn" in Google, and here is one result:
"Bill Dobbins' Controversial Photo: Fine Art or Sleazy Porn?
... wonder about somebody calling ANY photo of an attractive woman in a bikini 
"porn."
"Justice Stewart of the Supreme Court has said you can't define porn but you ...
www.billdobbins.com/PUBLIC/pages/ coolfree/Sleazy_porn.html -  14k - Cached - 
Similar pages
And I found Justice Potter Stewart's famous assurance, "I know it when I see 
it," 

Trust is currently in the same situation.  We know it when we see it!

\Stef