spf-discuss
[Top] [All Lists]

RE: SPF adoptees

2004-09-11 17:00:39
From: Anne P. Mitchell, Esq.
Sent: Friday, September 10, 2004 9:35 PM

<...>

We give points in IADB for senders who publish SPF records
because they are generally senders who are _trying_ to do
the right thing, who will remove your address from their
list if you click on their unsub link, etc..

Since an end-user cannot tell when a spammer will remove them from their
list, the long-standing advice from the FCC is to never use those links.
Experience has proven that very good advice.  Opt-out links that work
are a great idea, but until these companies stop opting people in
without permission, it is the wrong thing to reward.


Sure, maybe they opted you in without your permission, and
that's wrong, but they are _not_ in the same league as the
forging, spoofing, zombifying people who are hawking herbal
and marital supplements.

And that's exactly where IADB's interests and those of recipients
diverge.  Anything unsolicited and bulk is spam.  From the standpoint of
recipients, IADB's "nice spammer" who opted you in without permission
and the enlargement ad sender are no different.  Spam is about behavior,
not content, and both of those senders had the same amount of permission
to send the recipient advertising:  none.  They are equally responsible
for the theft of recipient network services and both cost the recipient
the same amount of money per unsolicited bulk message.

From the recipient's standpoint, there is no purpose in identifying
"nicer spammers" from "nastier spammers".  If my car is stolen, do I
really care if it is a teenager out for a joyride or a professional car
thief?  The end result is the same.

The bulk mail industry would love to hear people say, "I really hate
that porno spam but all the other unsolicited ads are really not all
that bad".  I can certainly see why the bulk mail industry would like
end-users to take that position, but fortunately, that is very unlikely
to happen.  They both steal recipients' resources so from our
standpoint, they are the same.  That's like saying that certain muggers
should be rewarded because they don't beat up old people.  They are all
criminals and should be treated as such.  Rather than rewarding
criminals for decreasing their level or criminality, why not consider
only rewarding them for completely eliminating it?

The brighter that line can be drawn, and SPF _does_ help draw that
line, the more we can concentrate on the really bad guys, and *that*,
my friends, is what is going to stop spam.  Being able to direct
resources to the real root of the problem.

This is wishful thinking.  All spammers are bad guys, including any that
happen to belong to IADB.  Having my mailbox full of unsolicited
Wall-Mart, Staples and Sears ads is no better than having it full of
enlargement ads.  They have both stolen the same amount of my money by
sending unsolicited bulk emails.  In fact, the "nice spammer" messages
are arguably worse, since they are harder to detect with Bayesian
filters.  Rather than attempt to cast this situation in shades of grey,
I suggest a more realistic approach to the problem is from the
standpoint of direct, confirmed permission to send bulk email to a given
address.  Either you have it, or you don't.  There's no such thing as
having partial permission, implied permission or inherited permission.
Anyone who sends bulk email without such permission is a spammer.
That's how virtually everyone _outside_ the bulk mail industry defines
it.

--

Seth Goodman


<Prev in Thread] Current Thread [Next in Thread>