|
Re: Good Domain List one step closer to reality (actually two steps)
2004-08-18 15:23:47
On Tue, 17 Aug 2004 22:43:10 -0500, Seth Goodman
<sethg(_at_)GoodmanAssociates(_dot_)com> wrote:
To the extent that SpamHaus gets involved with a sender-financed
operation, they compromise their reputation as a spam-tracking service.
It's their choice.
table. The issue is whether we intend to allow reputation services that
are paid for by senders to become a virtual necessity to get mail
reliably delivered. That would be an extremely bad thing to happen to
email, unless you are a bulk mailer with deep pockets. This is
something that we should fight strenuously.
Foolishly I'm stepping into a little flame war here, but I'm new to the
list so I just wanted to try and clarify some of my own thoughts. Be sure
to real it all before you reply.
For a long time I've had the thought that most of the spam I receive is
from people who do NOT have deep pockets, and who are conducting illegal
activities. This is inspired by the way they do not use their own mail
servers to send the spam, and often forge sender and other contact
information. Thus, any system which allows receivers to correctly and
accurately identify a spammer will also allow prosecution against
spammers. If prosecution against spammers were possible, then spamming
could be eliminated through prosecution (by ISP's more often than users, I
imagine).
In a sender-paid service, it seems likely that spammers have to identify
themselves in some way in order to pay and send email, and thus they
become trackable and prosecutable. It seems unlikely to me that the
purveyors of penis-enlargment products, pornography, and viruses are going
to finance, pay for, or otherwise invest in this service. Collectively
these markets are large, but they are also fragmented (maybe this is just
an illusion?). I find it more likely they would continue to act outside
the system and continue hijack sender-identities and so forth in order to
have their junk mail delivered by illegitimate means.
However, I am pretty much ignorant of the facts here. Who really is
financing these sender-paid services?
Still, I don't think sender-paid services are the best answer here; it has
already been pointed out that they are creating a market whose profit is
not proportional to the number of spam messages blocked, but rather the
number of messages sent. Thus - in Darwinian fashion - the hard-working
spam blockers will dwindle and go out of business as they cut off their
own food supply. The services that remain in business should be the ones
that are most easily exploited and have the best marketing (to senders).
If SPF is adopted by yahoo, msn, and other popular domains then spammers
will be driven to use email addresses from small domains who have not
implemented SPF. Whether the spam fighters talking people into adding SPF
to their DNS will be able to keep pace with the spammers finding new
non-spf-protected domains remains to be seen, but there should be at least
a noticable reduction in spam messages delivered. Or so I imagine.
Sender-ID is another technology that (assuming I'm connecting the name to
the concept) tries to ensure that you can connect an email to a live
person, and this creates the paper trail necessary to prosecute spammers.
Yet again we face the fact the spammers are willing to work around the
system - stolen identities, viruses, etc. and this isn't going to
completely stop spam either. Instead, it may just allow us to prosecute
innocent dupes of spammers.
Should any spam-blocking technology should generally be REQUIRED in order
to have your messages delivered? I think not. This implies that no newer
and better technology will come and replace that technology, and it also
assumes that everyone is able and willing to upgrade. I anticipate the
strategy of mail receivers will continue to be to accept mail by default,
and only block mail using systems where no false positives are generated
(as it is with SPF).
Hopefully someone will expose me to useful facts that can point me in a
direction more in tune with reality and the findings of the spam-blocking
community, if there is one.
CU
Dobes
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: Good Domain List one step closer to reality (actually two steps), (continued)
- RE: Good Domain List one step closer to reality (actually two steps), John Glube
- Re: Good Domain List one step closer to reality (actually two steps), Waitman C Gobble II
- Re: Good Domain List one step closer to reality (actually two steps), spf
- Re: Good Domain List one step closer to reality (actually two steps), Waitman C Gobble II
- Re: Good Domain List one step closer to reality (actually two steps), Nico Kadel-Garcia
- Re: Good Domain List one step closer to reality (actually two steps), Graham Murray
- Re: Good Domain List one step closer to reality (actually two steps),
Dobes Vandermeer <=
- Re: Good Domain List one step closer to reality (actually two steps), Stuart D. Gathman
- Re: Good Domain List one step closer to reality (actually two steps), Koen Martens
- Re: Good Domain List one step closer to reality (actually two steps), Dobes Vandermeer
- Re: Good Domain List one step closer to reality(actually two steps), jpinkerton
- Re: Good Domain List one step closer to reality (actually two steps), Koen Martens
- RE: Good Domain List one step closer to reality (actually two steps), guy
- Re: Good Domain List one step closer to reality (actually two steps), jpinkerton
- RE: Good Domain List one step closer to reality (actually two steps), Andriy G. Tereshchenko
- Re: Good Domain List one step closer to reality (actually two steps), jpinkerton
- Re: Good Domain List one step closer to reality (actually two steps), Mark
|
|
|